Search
Search Results (382 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-21397 | 1 Microsoft | 1 Azure File Sync | 2025-05-03 | 5.3 Medium |
| Microsoft Azure File Sync Elevation of Privilege Vulnerability | ||||
| CVE-2024-21364 | 1 Microsoft | 1 Azure Site Recovery | 2025-05-03 | 9.3 Critical |
| Microsoft Azure Site Recovery Elevation of Privilege Vulnerability | ||||
| CVE-2024-20679 | 1 Microsoft | 1 Azure Stack Hub | 2025-05-03 | 6.5 Medium |
| Azure Stack Hub Spoofing Vulnerability | ||||
| CVE-2024-21381 | 1 Microsoft | 1 Azure Active Directory | 2025-05-03 | 6.8 Medium |
| Microsoft Azure Active Directory B2C Spoofing Vulnerability | ||||
| CVE-2024-21329 | 1 Microsoft | 1 Azure Connected Machine Agent | 2025-05-03 | 7.3 High |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-21330 | 1 Microsoft | 8 Azure Automation, Azure Automation Update Management, Azure Security Center and 5 more | 2025-05-03 | 7.8 High |
| Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | ||||
| CVE-2024-26203 | 1 Microsoft | 1 Azure Data Studio | 2025-05-03 | 7.3 High |
| Azure Data Studio Elevation of Privilege Vulnerability | ||||
| CVE-2024-21421 | 1 Microsoft | 1 Azure Software Development Kit | 2025-05-03 | 7.5 High |
| Azure SDK Spoofing Vulnerability | ||||
| CVE-2024-29993 | 1 Microsoft | 1 Azure Cyclecloud | 2025-05-03 | 8.8 High |
| Azure CycleCloud Elevation of Privilege Vulnerability | ||||
| CVE-2024-29992 | 1 Microsoft | 1 Azure Identity Library For .net | 2025-05-03 | 5.5 Medium |
| Azure Identity Library for .NET Information Disclosure Vulnerability | ||||
| CVE-2024-29989 | 1 Microsoft | 2 Azure Monitor, Azure Monitor Agent | 2025-05-03 | 8.4 High |
| Azure Monitor Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-28917 | 1 Microsoft | 7 Azure Arc Extension Microsoft.azstackhci.operator, Azure Arc Extension Microsoft.azure.hybridnetwork, Azure Arc Extension Microsoft.azurekeyvaultsecretsprovider and 4 more | 2025-05-03 | 6.2 Medium |
| Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability | ||||
| CVE-2024-29990 | 1 Microsoft | 1 Azure Kubernetes Service Confidential Containers | 2025-05-03 | 9 Critical |
| Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | ||||
| CVE-2024-20685 | 1 Microsoft | 1 Azure Private 5g Core | 2025-05-03 | 5.9 Medium |
| Azure Private 5G Core Denial of Service Vulnerability | ||||
| CVE-2024-29063 | 1 Microsoft | 1 Azure Ai Search | 2025-05-03 | 7.3 High |
| Azure AI Search Information Disclosure Vulnerability | ||||
| CVE-2024-21424 | 1 Microsoft | 1 Azure Compute Gallery | 2025-05-03 | 6.5 Medium |
| Azure Compute Gallery Elevation of Privilege Vulnerability | ||||
| CVE-2024-26193 | 1 Microsoft | 1 Azure Migrate | 2025-05-03 | 6.4 Medium |
| Azure Migrate Remote Code Execution Vulnerability | ||||
| CVE-2024-30060 | 1 Microsoft | 1 Azure Monitor Agent | 2025-05-03 | 7.8 High |
| Azure Monitor Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-30053 | 1 Microsoft | 1 Azure Migrate | 2025-05-03 | 6.5 Medium |
| Azure Migrate Cross-Site Scripting Vulnerability | ||||
| CVE-2022-39327 | 1 Microsoft | 2 Azure Command-line Interface, Windows | 2025-04-22 | 8.1 High |
| Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the `&` or `|` symbols. If any of these prerequisites are not met, this vulnerability is not applicable. Users should upgrade to version 2.40.0 or greater to receive a a mitigation for the vulnerability. | ||||