Search
Search Results (356 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-35255 | 2 Microsoft, Redhat | 5 Authentication Library, Azure Identity Sdk, Camel Quarkus and 2 more | 2025-07-16 | 5.5 Medium |
| Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability | ||||
| CVE-2025-26627 | 1 Microsoft | 1 Azure Arc | 2025-07-13 | 7 High |
| Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2024-38175 | 1 Microsoft | 1 Azure Managed Instance For Apache Cassandra | 2025-07-10 | 9.6 Critical |
| An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network. | ||||
| CVE-2024-38109 | 1 Microsoft | 1 Azure Health Bot | 2025-07-10 | 9.1 Critical |
| An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network. | ||||
| CVE-2024-38195 | 1 Microsoft | 1 Azure Cyclecloud | 2025-07-10 | 7.8 High |
| Azure CycleCloud Remote Code Execution Vulnerability | ||||
| CVE-2024-38162 | 1 Microsoft | 1 Azure Connected Machine Agent | 2025-07-10 | 7.8 High |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-38158 | 1 Microsoft | 1 Azure Iot Hub Device Client Sdk | 2025-07-10 | 7 High |
| Azure IoT SDK Remote Code Execution Vulnerability | ||||
| CVE-2024-38157 | 1 Microsoft | 1 Azure Iot Hub Device Client Sdk | 2025-07-10 | 7 High |
| Azure IoT SDK Remote Code Execution Vulnerability | ||||
| CVE-2024-38098 | 1 Microsoft | 1 Azure Connected Machine Agent | 2025-07-10 | 7.8 High |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-38201 | 1 Microsoft | 1 Azure Stack Hub | 2025-07-10 | 7 High |
| Azure Stack Hub Elevation of Privilege Vulnerability | ||||
| CVE-2024-38108 | 1 Microsoft | 1 Azure Stack Hub | 2025-07-10 | 9.3 Critical |
| Azure Stack Hub Spoofing Vulnerability | ||||
| CVE-2025-24986 | 1 Microsoft | 2 Azure Promptflow Core, Azure Promptflow Tools | 2025-07-10 | 6.5 Medium |
| Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-21384 | 1 Microsoft | 1 Azure Health Bot | 2025-07-08 | 8.3 High |
| An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network. | ||||
| CVE-2024-49060 | 1 Microsoft | 1 Azure Stack Hci | 2025-07-08 | 8.8 High |
| Azure Stack HCI Elevation of Privilege Vulnerability | ||||
| CVE-2024-43613 | 1 Microsoft | 1 Azure Database For Postgresql Flexible Server | 2025-07-08 | 7.2 High |
| Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability | ||||
| CVE-2024-49052 | 1 Microsoft | 1 Azure Functions | 2025-07-08 | 8.2 High |
| Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2024-49042 | 1 Microsoft | 1 Azure Database For Postgresql Flexible Server | 2025-07-08 | 7.2 High |
| Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability | ||||
| CVE-2024-43602 | 1 Microsoft | 1 Azure Cyclecloud | 2025-07-08 | 9.9 Critical |
| Azure CycleCloud Remote Code Execution Vulnerability | ||||
| CVE-2024-38179 | 1 Microsoft | 1 Azure Stack Hci | 2025-07-08 | 8.8 High |
| Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability | ||||
| CVE-2024-38204 | 1 Microsoft | 1 Azure Functions | 2025-07-08 | 7.5 High |
| Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network. | ||||