Active Directory Services
by Microsoft
CVEs (38)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-26923 | High | 0.79 | 8.8 | 0.83 | KEV | May 10, 2022 | Active Directory Domain Services Elevation of Privilege Vulnerability |
| CVE-2021-42287 | High | 0.73 | 7.5 | 0.74 | KEV | Nov 10, 2021 | Active Directory Domain Services Elevation of Privilege Vulnerability |
| CVE-2021-42278 | High | 0.72 | 7.5 | 0.70 | KEV | Nov 10, 2021 | Active Directory Domain Services Elevation of Privilege Vulnerability |
| CVE-2011-3406 | High | 0.59 | 8.8 | 0.23 | | Dec 14, 2011 | Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold… |
| CVE-2026-45648 | High | 0.57 | 8.8 | 0.01 | | Jun 9, 2026 | Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network. |
| CVE-2022-34691 | High | 0.57 | 8.8 | 0.02 | | Aug 9, 2022 | Active Directory Domain Services Elevation of Privilege Vulnerability |
| CVE-2022-21857 | High | 0.57 | 8.8 | 0.03 | | Jan 11, 2022 | Active Directory Domain Services Elevation of Privilege Vulnerability |
| CVE-2021-42306 | High | 0.53 | 8.1 | 0.03 | | Nov 24, 2021 | An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a… |
| CVE-2020-0665 | High | 0.53 | 8.1 | 0.04 | | Feb 11, 2020 | An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'. |
| CVE-2021-42282 | High | 0.49 | 7.5 | 0.03 | | Nov 10, 2021 | Active Directory Domain Services Elevation of Privilege Vulnerability |
| CVE-2022-38042 | High | 0.46 | 7.1 | 0.01 | | Oct 11, 2022 | Active Directory Domain Services Elevation of Privilege Vulnerability |
| CVE-2016-3226 | Med | 0.43 | 6.5 | 0.11 | | Jun 16, 2016 | Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability." |
| CVE-2026-32072 | Med | 0.40 | 6.2 | 0.00 | | Apr 14, 2026 | Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally. |
| CVE-2019-0683 | Med | 0.39 | 5.9 | 0.03 | | Apr 9, 2019 | An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'. |
| CVE-2018-0890 | Med | 0.35 | 5.3 | 0.04 | | Apr 12, 2018 | A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings, aka "Active Directory Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
| CVE-2021-41337 | Med | 0.32 | 4.9 | 0.02 | | Oct 13, 2021 | Active Directory Security Feature Bypass Vulnerability |
| CVE-2023-36722 | Med | 0.29 | 4.4 | 0.01 | | Oct 10, 2023 | Active Directory Domain Services Information Disclosure Vulnerability |
| CVE-2017-0164 | Med | 0.29 | 4.4 | 0.04 | | Apr 12, 2017 | A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability." |
| CVE-2022-1697 | Low | 0.25 | 3.9 | 0.00 | | Sep 6, 2022 | Okta Active Directory Agent versions 3.8.0 through 3.11.0 installed the Okta AD Agent Update Service using an unquoted path. Note: To remediate this vulnerability, you must uninstall Okta Active Directory Agent and reinstall Okta Active Directory Agent 3.12.0 or greater per the… |
| CVE-2025-21293 | | 0.09 | — | 0.18 | | Jan 14, 2025 | Active Directory Domain Services Elevation of Privilege Vulnerability |
Page 1 of 2