Search Results (446 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-26145 1 Microsoft 1 Azure Synapse 2026-07-06 4.8 Medium
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.
CVE-2026-45499 1 Microsoft 2 Azure Open-ai, Azure Open-ai 2026-07-06 9.9 Critical
Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.
CVE-2026-32174 1 Microsoft 1 Azure Ai Bot Service 2026-06-23 7.7 High
Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.
CVE-2026-48584 1 Microsoft 1 Azure Synapse 2026-06-22 9.9 Critical
Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.
CVE-2026-45480 1 Microsoft 1 Azure Active Directory 2026-06-22 10 Critical
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-47633 1 Microsoft 2 Azure Cost Management, Azure Cost Management 2026-06-22 7.5 High
Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network.
CVE-2026-47643 1 Microsoft 1 Azure Stack Edge 2026-06-10 9.8 Critical
External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network.
CVE-2026-32193 1 Microsoft 1 Azure Kubernetes Service 2026-06-10 8.8 High
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally.
CVE-2026-41098 1 Microsoft 1 Azure Stack Edge 2026-06-09 8.4 High
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network.
CVE-2024-38179 1 Microsoft 3 Azure Stack Hci, Azure Stack Hci Os 22h2, Azure Stack Hci Os 23h2 2026-06-09 8.8 High
Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability
CVE-2024-38204 1 Microsoft 1 Azure Functions 2026-06-09 7.5 High
Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network.
CVE-2024-43480 2 Linux, Microsoft 2 Linux Kernel, Azure Service Fabric 2026-06-09 6.6 Medium
Azure Service Fabric for Linux Remote Code Execution Vulnerability
CVE-2026-48567 1 Microsoft 3 .azure Horizondb, .azure Horizondb, Azure Horizondb 2026-06-05 10 Critical
Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-33844 1 Microsoft 1 Azure Managed Instance For Apache Cassandra 2026-06-01 9 Critical
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.
CVE-2026-42834 1 Microsoft 2 Azure Portal Windows Admin Center, Windows Admin Center 2026-06-01 7.8 High
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
CVE-2026-26147 1 Microsoft 1 Azure Stack Hci 2026-05-27 7.7 High
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
CVE-2026-35430 1 Microsoft 2 Azure Privileged Identity Management, Azure Privileged Management 2026-05-27 8.8 High
Authorization bypass through user-controlled key in Azure Privileged Identity Management (PIM) allows an authorized attacker to elevate privileges over a network.
CVE-2026-40411 1 Microsoft 1 Azure Virtual Network Gateway 2026-05-27 9.9 Critical
Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network.
CVE-2026-40412 1 Microsoft 1 Azure Orbital Spatio 2026-05-27 10 Critical
Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.
CVE-2026-47280 1 Microsoft 1 Azure Resource Manager 2026-05-27 10 Critical
Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.