Search
Search Results (367 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54914 | 1 Microsoft | 2 Azure, Azure Networking | 2025-11-21 | 10 Critical |
| Azure Networking Elevation of Privilege Vulnerability | ||||
| CVE-2025-49692 | 1 Microsoft | 2 Azure, Azure Connected Machine Agent | 2025-11-21 | 7.8 High |
| Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55316 | 1 Microsoft | 2 Azure, Azure Connected Machine Agent | 2025-11-21 | 7.8 High |
| External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49707 | 1 Microsoft | 24 Azure, Azure Virtual Machine, Dcadsv5-series Azure Vm and 21 more | 2025-11-10 | 7.9 High |
| Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2025-53767 | 1 Microsoft | 2 Azure, Azure Openai | 2025-11-10 | 10 Critical |
| Azure OpenAI Elevation of Privilege Vulnerability | ||||
| CVE-2025-53792 | 1 Microsoft | 2 Azure, Azure Portal | 2025-11-10 | 9.1 Critical |
| Azure Portal Elevation of Privilege Vulnerability | ||||
| CVE-2025-53793 | 1 Microsoft | 1 Azure Stack Hub | 2025-11-10 | 7.5 High |
| Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53765 | 1 Microsoft | 2 Azure App Service On Azure Stack, Azure Stack Hub | 2025-11-10 | 4.4 Medium |
| Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-53763 | 1 Microsoft | 1 Azure | 2025-11-10 | 9.8 Critical |
| Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-53781 | 1 Microsoft | 25 Azure, Azure Virtual Machine, Dcadsv5-series Azure Vm and 22 more | 2025-11-10 | 7.7 High |
| Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network. | ||||
| CVE-2025-53729 | 1 Microsoft | 1 Azure File Sync | 2025-11-10 | 7.8 High |
| Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2023-44487 | 32 Akka, Amazon, Apache and 29 more | 367 Http Server, Opensearch Data Prepper, Apisix and 364 more | 2025-11-07 | 7.5 High |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | ||||
| CVE-2021-38649 | 1 Microsoft | 12 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics and 9 more | 2025-10-30 | 7 High |
| Open Management Infrastructure Elevation of Privilege Vulnerability | ||||
| CVE-2021-38645 | 1 Microsoft | 12 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics and 9 more | 2025-10-30 | 7.8 High |
| Open Management Infrastructure Elevation of Privilege Vulnerability | ||||
| CVE-2021-38647 | 1 Microsoft | 12 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics and 9 more | 2025-10-30 | 9.8 Critical |
| Open Management Infrastructure Remote Code Execution Vulnerability | ||||
| CVE-2021-38648 | 1 Microsoft | 12 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics and 9 more | 2025-10-30 | 7.8 High |
| Open Management Infrastructure Elevation of Privilege Vulnerability | ||||
| CVE-2023-38155 | 1 Microsoft | 1 Azure Devops Server | 2025-10-30 | 7 High |
| Azure DevOps Server Remote Code Execution Vulnerability | ||||
| CVE-2023-38156 | 1 Microsoft | 1 Azure Hdinsights | 2025-10-30 | 7.2 High |
| Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability | ||||
| CVE-2023-33136 | 1 Microsoft | 1 Azure Devops Server | 2025-10-30 | 8.8 High |
| Azure DevOps Server Remote Code Execution Vulnerability | ||||
| CVE-2023-29332 | 1 Microsoft | 1 Azure Kubernetes Service | 2025-10-30 | 7.5 High |
| Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | ||||