Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft active directory services - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-6331
Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-out endpoint, does not properly process logoff actions, which makes it easier for remote malicious users to obtain access by leveraging an unattended workst...
Microsoft Active Directory Federation Services 2.1
Microsoft Active Directory Federation Services 2.0
Microsoft Active Directory Federation Services 3.0
NA
CVE-2013-1282
The LDAP service in Microsoft Active Directory, Active Directory Application Mode (ADAM), Active Directory Lightweight Directory Service (AD LDS), and Active Directory Services allows remote malicious users to cause a denial of service (memory consumption and service outage) via ...
Microsoft Active Directory Lightweight Directory Service -
Microsoft Active Directory Application Mode -
Microsoft Active Directory -
Microsoft Active Directory Services -
NA
CVE-2015-1757
Cross-site scripting (XSS) vulnerability in adfs/ls in Active Directory Federation Services (AD FS) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 allows remote malicious users to inject arbitrary web script or HTML via the wct parameter, aka "ADFS XSS Eleva...
Microsoft Active Directory Federation Services 2.1
Microsoft Active Directory Federation Services 2.0
NA
CVE-2013-3185
Microsoft Active Directory Federation Services (AD FS) 1.x up to and including 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allows remote malicious users to obtain sensitive information about the service account, and possibly cond...
Microsoft Active Directory Federation Services 2.0
Microsoft Active Directory Federation Services 2.1
8.6
CVSSv3
CVE-2018-16794
Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls.
Microsoft Active Directory Federation Services
4 Github repositories
8.1
CVSSv3
CVE-2021-42306
An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential? on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a use...
Microsoft Azure Migrate
Microsoft Azure Active Site Recovery
Microsoft Azure Automation
Microsoft Azure Active Directory
1 Github repository
1 Article
NA
CVE-2013-3868
Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote malicious users to cause a den...
Microsoft Windows Server 2008
Microsoft Active Directory Lightweight Directory Service -
Microsoft Windows 8 -
Microsoft Windows 7
Microsoft Windows Server 2012 -
Microsoft Windows Vista
8.8
CVSSv3
CVE-2022-34691
Active Directory Domain Services Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 -
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
Microsoft Windows 10 21h1
Microsoft Windows Server 2022 -
Microsoft Windows 11 -
8.8
CVSSv3
CVE-2022-26923
Active Directory Domain Services Elevation of Privilege Vulnerability
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
Microsoft Windows 11 -
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
1 Metasploit module
19 Github repositories
1 Article
NA
CVE-2003-0507
Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote malicious users to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," ...
Microsoft Windows 2000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »