| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. |
| Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network. |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. |
| Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. |
| Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. |
| Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to perform spoofing over a network. |
| Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. |
| Microsoft Configuration Manager Remote Code Execution Vulnerability |
| An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability'. |
| Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents. |
| Azure Apache Hadoop Spoofing Vulnerability |
| Azure Apache Oozie Spoofing Vulnerability |
| Azure Apache Ambari Spoofing Vulnerability |
| Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability |
| Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability |
| Azure HDInsight Jupyter Notebook Spoofing Vulnerability |
| Azure Apache Ambari Spoofing Vulnerability |
