Lucene search
K

4184 matches found

Nuclei
Nuclei
added 12 hours ago113 views

SecurEnvoy Two Factor Authentication - LDAP Injection

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...

9.8CVSS6.1AI score0.03304EPSS
Exploits2References3
Talos Blog
Talos Blog
added yesterday4 views

Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for July 2026, which includes 622 vulnerabilities affecting a range of products, including 57 that Microsoft marked as "critical." Microsoft notes that two of the vulnerabilities disclosed this month have been exploited in the wild. CVE-2026-5615...

9.9CVSS7.6AI score
Exploits0
NVD
NVD
added yesterday3 views

CVE-2026-54121

Improper authorization in Active Directory Certificate Services AD CS allows an authorized attacker to elevate privileges over a network...

8.8CVSS
Exploits0References1
NVD
NVD
added yesterday2 views

CVE-2026-54115

Integer overflow or wraparound in Windows Active Directory allows an authorized attacker to elevate privileges locally...

7.8CVSS
Exploits0References1
NVD
NVD
added yesterday2 views

CVE-2026-50304

Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...

7.5CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-56155

Insufficient granularity of access control in Active Directory Federation Services AD FS allows an authorized attacker to elevate privileges locally...

7.8CVSS
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-55001

Improper certificate validation in Windows Active Directory allows an authorized attacker to elevate privileges locally...

7.8CVSS
Exploits0References1
NVD
NVD
added yesterday2 views

CVE-2026-54119

Loop with unreachable exit condition 'infinite loop' in Windows Active Directory allows an unauthorized attacker to deny service over a network...

7.5CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-49178

Heap-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network...

8.8CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-49164

Heap-based buffer overflow in Active Directory Domain Services allows an unauthorized attacker to execute code over a network...

8.1CVSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-58529

Summary (CVE-2026-58529): Out-of-bounds read in Active Directory Federation Services (AD FS) can disclose information over a network to an authorized attacker. The entry is supported by multiple connected sources (NVD/NCSC/CIRCL/NVDC/MSRC) confirming the vulnerability and its description. The CVS...

7.1CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday3 views

CVE-2026-50682

CVE-2026-50682 describes an out-of-bounds read in Windows Active Directory (Active Directory Domain Services) that can allow an authorized attacker to cause a denial of service over the network. The description and cross-references in the connected documents confirm the affected component as Wind...

7.1CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday21 views

CVE-2026-54121

CVE-2026-54121 affects Active Directory Certificate Services (AD CS). Root cause: improper authorization allowing an authorized attacker to elevate privileges over the network. Impact: elevation of privilege with high CVSS (8.8) per Microsoft-assigned metrics. Remediation: Microsoft has released ...

8.8CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday13 views

CVE-2026-50684

CVE-2026-50684 (AD FS spoofing) : The vulnerability is described as improper neutralization of input during web page generation (XSS) in Active Directory Federation Services, enabling an authorized attacker to perform spoofing over the network. The CVSS v3.1 base metrics indicate a Medium severit...

4.8CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-50647

CVE-2026-50647: AD FS denial-of-service due to an infinite loop in AD FS. Public sources (NVD/EUVD/NCSC, CIRCL sighting, MSRC) confirm a network-exploitable condition causing service disruption; no exploitation details provided in the docs. Microsoft has released updates addressing the vulnerabil...

7.5CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-50411

CVE-2026-50411 affects Active Directory Federation Services (AD FS) and is described as a stack-based buffer overflow that enables a remote attacker to cause a denial of service over the network. Public references in the connected documents confirm the DoS impact and Microsoft has released update...

7.5CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-50355

CVE-2026-50355 is a vulnerability in Active Directory Federation Services (AD FS) described as a stack-based buffer overflow that enables a remote, unauthenticated attacker to cause a denial of service over the network. The CVSS v3.1 base score is 7.5 (Network, Low attack complexity, No privilege...

7.5CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-50366

CVE-2026-50366 describes a Denial of Service in Windows Active Directory Domain Services caused by a null pointer dereference. The vulnerability is exploitable over the network with no user interaction, requiring low privileges and network access from an authenticated attacker; the impact is deni...

6.5CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-50324

CVE-2026-50324 affects Windows Active Directory Federation Services (AD FS). The description identifies a loop condition described as an infinite loop that enables a network-based Denial of Service against AD FS. The CVE entry lists a Medium severity (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) with Ava...

5.9CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-50368

CVE-2026-50368 refers to a stack-based buffer overflow in Active Directory Federation Services (AD FS) that allows an unauthenticated attacker to cause a denial of service over the network. The vulnerability arises in the AD FS component and is described in multiple sources as enabling a DS impac...

7.5CVSS6.2AI score
Exploits0References1
Rows per page
Query Builder