Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft active directory services - vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2017-0043
Active Directory Federation Services in Microsoft Windows 10 1607, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Microsoft Active Directory Feder...
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2016
Microsoft Windows 10 1607
Microsoft Windows Server 2008 R2
7.2
CVSSv3
CVE-2023-35350
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
6.6
CVSSv3
CVE-2023-35351
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
NA
CVE-2011-1264
Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka &...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 2003 Server
Microsoft Windows Server 2003
NA
CVE-2014-6331
Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-out endpoint, does not properly process logoff actions, which makes it easier for remote malicious users to obtain access by leveraging an unattended workst...
Microsoft Active Directory Federation Services 2.1
Microsoft Active Directory Federation Services 2.0
Microsoft Active Directory Federation Services 3.0
7.5
CVSSv3
CVE-2022-30215
Active Directory Federation Services Elevation of Privilege Vulnerability
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 20h2
Microsoft Windows Server 2022 -
5.4
CVSSv3
CVE-2018-8547
A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Active Directory Federation Services XS...
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows 10 1709
Microsoft Windows 10 1809
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1709
Microsoft Windows 10 1607
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
5.4
CVSSv3
CVE-2018-8326
A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Open Source Customization for Active Di...
Microsoft Web Customizations
NA
CVE-2015-1638
Microsoft Active Directory Federation Services (AD FS) 3.0 on Windows Server 2012 R2 does not properly handle logoff actions, which allows remote malicious users to bypass intended access restrictions by leveraging an unattended workstation, aka "Active Directory Federation ...
Microsoft Windows Server 2012 R2
6.5
CVSSv3
CVE-2018-8340
A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests, aka "AD FS Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows Server 2012 R2, Windows...
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1709
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »