Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft active directory services - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-35351
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
NA
CVE-2023-35350
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
5
CVSSv2
CVE-2014-6331
Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-out endpoint, does not properly process logoff actions, which makes it easier for remote malicious users to obtain access by leveraging an unattended workst...
Microsoft Active Directory Federation Services 2.1
Microsoft Active Directory Federation Services 2.0
Microsoft Active Directory Federation Services 3.0
4.3
CVSSv2
CVE-2011-1264
Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka &...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 2003 Server
Microsoft Windows Server 2003
8.5
CVSSv2
CVE-2022-30215
Active Directory Federation Services Elevation of Privilege Vulnerability
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 20h2
Microsoft Windows Server 2022 -
3.5
CVSSv2
CVE-2018-8547
A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Active Directory Federation Services XS...
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows 10 1709
Microsoft Windows 10 1809
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1709
Microsoft Windows 10 1607
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
NA
CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 byte...
Haxx Libcurl
Fedoraproject Fedora 37
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
9 Github repositories
2 Articles
3.5
CVSSv2
CVE-2018-8326
A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Open Source Customization for Active Di...
Microsoft Web Customizations
5.8
CVSSv2
CVE-2015-1638
Microsoft Active Directory Federation Services (AD FS) 3.0 on Windows Server 2012 R2 does not properly handle logoff actions, which allows remote malicious users to bypass intended access restrictions by leveraging an unattended workstation, aka "Active Directory Federation ...
Microsoft Windows Server 2012 R2
5
CVSSv2
CVE-2016-0037
The forms-based authentication implementation in Active Directory Federation Services (ADFS) 3.0 in Microsoft Windows Server 2012 R2 allows remote malicious users to cause a denial of service (daemon outage) via crafted data, aka "Microsoft Active Directory Federation Servic...
Microsoft Windows Server 2012 R2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »