Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft active directory authentication library vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-1258
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens, aka 'Azure Active Directory Authentication Library Elevation of Privilege Vulnerability'.
Microsoft Nuget 5.2.0
Microsoft Active Directory Authentication Library 5.0.1
Microsoft Active Directory Authentication Library 5.0.2
Microsoft Active Directory Authentication Library 5.0.3
Microsoft Active Directory Authentication Library
Microsoft Active Directory Authentication Library 5.0.0
8.1
CVSSv3
CVE-2016-7191
The Microsoft Azure Active Directory Passport (aka Passport-Azure-AD) library 1.x prior to 1.4.6 and 2.x prior to 2.0.1 for Node.js does not recognize the validateIssuer setting, which allows remote malicious users to bypass authentication via a crafted token.
Microsoft Azure Active Directory Passport 1.0.0
Microsoft Azure Active Directory Passport 1.1.0
Microsoft Azure Active Directory Passport 1.3.5
Microsoft Azure Active Directory Passport 1.3.6
Microsoft Azure Active Directory Passport 2.0.0
Microsoft Azure Active Directory Passport 1.3.3
Microsoft Azure Active Directory Passport 1.3.4
Microsoft Azure Active Directory Passport 1.4.4
Microsoft Azure Active Directory Passport 1.4.5
Microsoft Azure Active Directory Passport 1.3.1
Microsoft Azure Active Directory Passport 1.3.2
Microsoft Azure Active Directory Passport 1.4.2
Microsoft Azure Active Directory Passport 1.4.3
Microsoft Azure Active Directory Passport 1.1.1
Microsoft Azure Active Directory Passport 1.2.0
Microsoft Azure Active Directory Passport 1.3.0
Microsoft Azure Active Directory Passport 1.4.0
Microsoft Azure Active Directory Passport 1.4.1
NA
CVE-2004-0120
The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote malicious users to cause a denial of service via malformed SSL messages.
Microsoft Windows 2000
Microsoft Windows 2003 Server R2
Microsoft Windows Xp
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started