| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. Prior to 1.71.0, an Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. The problem has been fixed in Microsoft.SemanticKernel.Core version 1.71.0. As a mitigation, users can create a Function Invocation Filter which checks the arguments being passed to any calls to DownloadFileAsync or UploadFileAsync and ensures the provided localFilePath is allow listed. |
| Server-side request forgery (ssrf) in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network. |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network. |
| Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an unauthorized attacker to perform spoofing over a network. |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to perform information disclosure locally. |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network. |
| Azure Entra ID Elevation of Privilege Vulnerability |
| Azure Entra ID Elevation of Privilege Vulnerability |
| Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network. |
| Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network. |
| Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network. |
| Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network. |
| Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. |
| Azure Bastion Elevation of Privilege Vulnerability |
| Microsoft SharePoint Online Elevation of Privilege Vulnerability |
| Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network. |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Account allows an unauthorized attacker to perform spoofing over a network. |
| Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network. |
| Azure Entra ID Elevation of Privilege Vulnerability |
| Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network. |
