Lucene search
K

54 matches found

CNNVD
CNNVD
added 2024/04/16 12:0 a.m.7 views

Microsoft Authentication Library 安全漏洞

Microsoft Authentication Library MSAL is an authentication library from Microsoft Corporation. A security vulnerability exists in the Microsoft Authentication Library that originates in MSAL.NET applications that are susceptible to a local denial of service in the authentication flow. Affected...

3.9CVSS4.6AI score0.00189EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.5 views

Microsoft Authentication Library 安全漏洞

Microsoft Authentication Library MSAL is an authentication library from Microsoft Corporation. A security vulnerability exists in Microsoft Authentication Library. An attacker can exploit the vulnerability to elevate privileges. The following products and editions are affected:Windows Server...

4.3CVSS8.6AI score0.01014EPSS
Exploits0References3
Prion
Prion
added 2024/02/21 4:15 p.m.15 views

Design/Logic Flaw

discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...

5.1CVSS7.3AI score0.00798EPSS
Exploits0References3
OSV
OSV
added 2024/02/21 4:8 p.m.15 views

CVE-2023-46241 Potential account take over due to unverified emails from Microsoft Identity Platform

discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...

9CVSS8.8AI score0.00798EPSS
Exploits0References5
CVE
CVE
added 2024/02/21 4:8 p.m.115 views

CVE-2023-46241

The CVE-2023-46241 entry concerns the discourse-microsoft-auth plugin for Discourse, which allows Microsoft-based authentication and can enable account takeovers when sites are configured to non-single-tenant accounts. The issue is linked to authentication handling within the plugin and has been ...

9CVSS9.3AI score0.00798EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.7 views

PT-2024-13342 · Discourse · Discourse-Microsoft-Auth

Name of the Vulnerable Software and Affected Versions: discourse-microsoft-auth plugin affected versions not specified Description: The discourse-microsoft-auth plugin enables authentication via Microsoft. On sites with this plugin enabled, an attack can potentially take control of a victim's...

9CVSS7.4AI score0.00798EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.6 views

Discourse Security Breach

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse discourse-microsoft-auth 9543d188 and prior versions, which can be exploited by an attack to compromise a victim's Discourse...

9CVSS6.7AI score0.00798EPSS
Exploits0References4
Microsoft Secure
Microsoft Secure
added 2020/05/19 3:0 p.m.39 views

Microsoft Build brings new innovations and capabilities to keep developers and customers secure

As both organizations and developers adapt to the new reality of working and collaborating in a remote environment, it’s more important than ever to ensure that their experiences are secure and trusted. As part of this week’s Build virtual event, we’re introducing new Identity innovation to help...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2020/04/22 7:28 a.m.29 views

Exploit for Improper Authentication in Microsoft

CVE-2020-0688 Working Exploit PoC CVE-202...

9CVSS8.8AI score0.99965EPSS
Exploits30
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.5 views

The vulnerability of the Microsoft Authentication Library (MSAL), which stems from the lack of protection for service data, allows attackers to disclose the protected information.

The vulnerability of the Microsoft Authentication Library MSAL is related to the lack of protection for service data. Exploiting this vulnerability could allow a perpetrator to disclose the protected information...

6.8CVSS6.5AI score0.04267EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2019/12/10 9:41 p.m.14 views

CVE-2019-1487

An information disclosure vulnerability in Android Apps using Microsoft Authentication Library MSAL 0.3.1-Alpha or later exists under specific conditions, aka 'Microsoft Authentication Library for Android Information Disclosure Vulnerability'...

6AI score0.04267EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2019/12/10 12:0 a.m.13 views

KLA11644 An information disclosure vulnerability in Microsoft Downloads

An information disclosure vulnerability was found in Microsoft Downloads. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2019-1487 Related products Microsoft-Authentification-Library-for-Android CVE list CVE-2019-1487 warning KB list Soluti...

6.5CVSS6.5AI score0.04267EPSS
Exploits0References3
Symantec
Symantec
added 2019/12/10 12:0 a.m.18 views

Microsoft Authentication Library CVE-2019-1487 Information Disclosure Vulnerability

Description Microsoft Authentication Library is prone to a information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Authentication Library 0.3.1-Alpha Recommendations Block external...

0.8AI score0.04267EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2009/12/09 12:0 a.m.4 views

PT-2009-4912 · Microsoft · Windows Server 2008 R2 +2

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 Description: A remote code execution issue exists due to improper validation of MS-CHAP v2 Protected Extensible Authentication Protocol PEAP authentication requests. This allows...

10CVSS8.1AI score0.31611EPSS
Exploits1References7
Rows per page
Query Builder