Search
Search Results (367 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36956 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 4.4 Medium |
| Azure Sphere Information Disclosure Vulnerability | ||||
| CVE-2021-36949 | 1 Microsoft | 2 Azure Active Directory Connect, Azure Active Directory Connect Provisioning Agent | 2024-11-21 | 7.1 High |
| Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability | ||||
| CVE-2021-36943 | 1 Microsoft | 1 Azure Cyclecloud | 2024-11-21 | 4 Medium |
| Azure CycleCloud Elevation of Privilege Vulnerability | ||||
| CVE-2021-33762 | 1 Microsoft | 1 Azure Cyclecloud | 2024-11-21 | 7 High |
| Azure CycleCloud Elevation of Privilege Vulnerability | ||||
| CVE-2021-28460 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 8.1 High |
| Azure Sphere Unsigned Code Execution Vulnerability | ||||
| CVE-2021-28459 | 1 Microsoft | 1 Azure Devops Server | 2024-11-21 | 6.1 Medium |
| Azure DevOps Server Spoofing Vulnerability | ||||
| CVE-2021-27080 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 9.3 Critical |
| Azure Sphere Unsigned Code Execution Vulnerability | ||||
| CVE-2021-27075 | 1 Microsoft | 5 Azure Container Instances, Azure Container Registry, Azure Kubernetes Service and 2 more | 2024-11-21 | 6.8 Medium |
| Azure Virtual Machine Information Disclosure Vulnerability | ||||
| CVE-2021-27074 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 6.2 Medium |
| Azure Sphere Unsigned Code Execution Vulnerability | ||||
| CVE-2021-27067 | 1 Microsoft | 2 Azure Devops Server, Team Foundation Server | 2024-11-21 | 6.5 Medium |
| Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability | ||||
| CVE-2021-26444 | 1 Microsoft | 1 Azure Real Time Operating System | 2024-11-21 | 3.3 Low |
| Azure RTOS Information Disclosure Vulnerability | ||||
| CVE-2021-26430 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 6 Medium |
| Azure Sphere Denial of Service Vulnerability | ||||
| CVE-2021-26429 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 7.7 High |
| Azure Sphere Elevation of Privilege Vulnerability | ||||
| CVE-2021-26428 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 4.4 Medium |
| Azure Sphere Information Disclosure Vulnerability | ||||
| CVE-2021-24109 | 1 Microsoft | 1 Azure Kubernetes Service | 2024-11-21 | 6.8 Medium |
| Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-1677 | 1 Microsoft | 1 Azure Kubernetes Service | 2024-11-21 | 5.5 Medium |
| Azure Active Directory Pod Identity Spoofing Vulnerability | ||||
| CVE-2020-8567 | 3 Google, Hashicorp, Microsoft | 3 Secret Manager Provider For Secret Store Csi Driver, Vault Provider For Secrets Store Csi Driver, Azure Key Vault Provider For Secrets Store Csi Driver | 2024-11-21 | 4.9 Medium |
| Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods. | ||||
| CVE-2020-35609 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 5.5 Medium |
| A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability. | ||||
| CVE-2020-35608 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 7.8 High |
| A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses the PACKET_MMAP functionality to trigger this vulnerability. | ||||
| CVE-2020-1416 | 1 Microsoft | 5 Azure Storage Explorer, Typescript, Visual Studio 2017 and 2 more | 2024-11-21 | 8.8 High |
| An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'. | ||||