Search
Search Results (452 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-50653 | 1 Microsoft | 2 .net, Azure Active Directory | 2026-07-16 | 7.5 High |
| Loop with unreachable exit condition ('infinite loop') in Azure Active Directory allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50652 | 1 Microsoft | 2 .net, Azure Active Directory | 2026-07-16 | 7.5 High |
| Deserialization of untrusted data in Azure Active Directory allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-57969 | 1 Microsoft | 1 Azure Cyclecloud | 2026-07-15 | 8.8 High |
| Missing authentication for critical function in Azure CycleCloud allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-47632 | 1 Microsoft | 1 Azure Monitor Agent Metrics Extension | 2026-07-15 | 8.8 High |
| Improper certificate validation in Azure Monitor Agent allows an unauthorized attacker to elevate privileges over an adjacent network. | ||||
| CVE-2026-50338 | 1 Microsoft | 1 Azure Spring Apps | 2026-07-14 | 8.2 High |
| Improper authentication in Azure Spring Apps allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-58279 | 1 Microsoft | 1 Azure Cyclecloud | 2026-07-14 | 6.5 Medium |
| Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-26145 | 1 Microsoft | 1 Azure Synapse | 2026-07-06 | 4.8 Medium |
| Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-45499 | 1 Microsoft | 2 Azure Open-ai, Azure Open-ai | 2026-07-06 | 9.9 Critical |
| Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-32174 | 1 Microsoft | 1 Azure Ai Bot Service | 2026-06-23 | 7.7 High |
| Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-48584 | 1 Microsoft | 1 Azure Synapse | 2026-06-22 | 9.9 Critical |
| Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-45480 | 1 Microsoft | 1 Azure Active Directory | 2026-06-22 | 10 Critical |
| Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-47633 | 1 Microsoft | 2 Azure Cost Management, Azure Cost Management | 2026-06-22 | 7.5 High |
| Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-47643 | 1 Microsoft | 1 Azure Stack Edge | 2026-06-10 | 9.8 Critical |
| External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-32193 | 1 Microsoft | 1 Azure Kubernetes Service | 2026-06-10 | 8.8 High |
| Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally. | ||||
| CVE-2026-41098 | 1 Microsoft | 1 Azure Stack Edge | 2026-06-09 | 8.4 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2024-38179 | 1 Microsoft | 3 Azure Stack Hci, Azure Stack Hci Os 22h2, Azure Stack Hci Os 23h2 | 2026-06-09 | 8.8 High |
| Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability | ||||
| CVE-2024-38204 | 1 Microsoft | 1 Azure Functions | 2026-06-09 | 7.5 High |
| Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2024-43480 | 2 Linux, Microsoft | 2 Linux Kernel, Azure Service Fabric | 2026-06-09 | 6.6 Medium |
| Azure Service Fabric for Linux Remote Code Execution Vulnerability | ||||
| CVE-2026-48567 | 1 Microsoft | 3 .azure Horizondb, .azure Horizondb, Azure Horizondb | 2026-06-05 | 10 Critical |
| Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-33844 | 1 Microsoft | 1 Azure Managed Instance For Apache Cassandra | 2026-06-01 | 9 Critical |
| Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network. | ||||