MS16-123: Security Update for Windows Kernel-Mode Drivers (3192892)

The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple elevation of privilege vulnerabilities exist in the Windows kernel-mode driver due to improper handling of objects in memory. A local attacker can exploit these, via a special...

CVE-2016-7191

The Microsoft Azure Active Directory Passport aka Passport-Azure-AD library 1.x before 1.4.6 and 2.x before 2.0.1 for Node.js does not recognize the validateIssuer setting, which allows remote attackers to bypass authentication via a crafted token...

CVE-2016-7191

CVE-2016-7191 affects the Node.js Passport-Azure-AD library: versions 1.x before 1.4.6 and 2.x before 2.0.1 fail to recognize the validateIssuer setting, enabling authentication bypass with a crafted token. Affected products include passport-azure-ad for Node.js; exploitation could bypass Azure A...

Microsoft Azure Active Directory Passport CVE-2016-7191 Authentication Bypass Vulnerability

Description Microsoft Azure Active Directory Passport is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain unauthorized access to the application. Versions prior to Azure Active Directory Passport 1.4.6 and 2.0.1 a...