9798 matches found
CVE-2026-30969 Coral Server has insufficient agent authentication in session communication channels
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...
CVE-2026-30969
CVE-2026-30969 affects Coral Server prior to version 1.1.0, where active-session authentication between agents and the server was not enforced. An attacker who could obtain or predict a session identifier could impersonate an agent or join an existing session. The issue is resolved in version 1.1...
CVE-2026-26148 Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability
...
CVE-2026-25177 Active Directory Domain Services Elevation of Privilege Vulnerability
...
CVE-2026-25177
CVE-2026-25177 is an elevation-of-privilege vulnerability in Active Directory Domain Services. The CVE affects AD DS and permits an authorized attacker to elevate privileges over the network (CVSS v3.1: 8.8, Network, Privileges Required: Low, User Interaction: None, Confidentiality/Integrity/Avai...
CVE-2026-25177
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network...
Active Directory Domain Services Elevation of Privilege Vulnerability
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network...
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder's Head of Security digs into why this happens and how teams can manage ...
WordPress Active Products Tables for WooCommerce plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by zaim in WordPress Plugin Active Products Tables for WooCommerce versions <= 1.0.7...
Microsoft Active Directory Domain Services Security Vulnerability
Microsoft Active Directory Domain Services is a key service provided by Microsoft Corporation, used to manage and organize resources, users, computers, and other security objects within a network. There are security vulnerabilities in Microsoft Active Directory Domain Services. Attackers can...
EulerOS 2.0 SP13 : sssd (EulerOS-SA-2026-1262)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, th...
EulerOS 2.0 SP13 : sssd (EulerOS-SA-2026-1298)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, th...
PT-2026-24304
Name of the Vulnerable Software and Affected Versions: Active Directory Domain Services (affected versions not specified). Description: Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network,...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1298)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1262)
The remote host is missing an update for the Huawei EulerOS...
CLSA-2026-1773050498 Fix CVE(s): CVE-2025-10230
SECURITY UPDATE: remote command execution via unsanitized WINS hook NetBIOS name handling in Samba AD DC - debian/patches/CVE-2025-10230.patch: validate NetBIOS names in source4 WINS hook to prevent shell metacharacter injection - debian/patches/CVE-2025-10230-test.patch: add torture tests for WI...
challenge-lab-ASCP
AD Attack Path Lab A complete Active Directory attack simulat...
denkair-lab
DenkAir - Windows AD Pentesting Lab A comprehensive Windows A...