CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21400 – Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21400
12 Mar 2024 — Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del contenedor confidencial del servicio Microsoft Azure Kubernetes • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21400 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-26203 – Azure Data Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-26203
12 Mar 2024 — Azure Data Studio Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Azure Data Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26203 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21421 – Azure SDK Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-21421
12 Mar 2024 — Azure SDK Spoofing Vulnerability Vulnerabilidad de suplantación del SDK de Azure • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21421 • CWE-1395: Dependency on Vulnerable Third-Party Component •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21418 – Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21418
12 Mar 2024 — Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del software para redes abiertas en la nube (SONiC) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2024-27099 – Azure IoT Platform Device SDK Double Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-27099
27 Feb 2024 — The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect `AMQP_VALUE` failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987. uAMQP es una librería C para la comunicación de AMQP 1.0 con Azure Cloud Services. Al procesar un estado fallido `AMQP_VALUE` incorrecto, puede causar un problema de doble liberación. • https://github.com/Azure/azure-uamqp-c/commit/2ca42b6e4e098af2d17e487814a91d05f6ae4987 • CWE-415: Double Free •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21403 – Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21403
13 Feb 2024 — Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del contenedor confidencial del servicio Microsoft Azure Kubernetes • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21403 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21397 – Microsoft Azure File Sync Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21397
13 Feb 2024 — Microsoft Azure File Sync Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de sincronización de archivos de Microsoft Azure • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21397 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21376 – Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21376
13 Feb 2024 — Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del contenedor confidencial del servicio Microsoft Azure Kubernetes • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21376 • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21364 – Microsoft Azure Site Recovery Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21364
13 Feb 2024 — Microsoft Azure Site Recovery Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Azure Site Recovery • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21364 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20679 – Azure Stack Hub Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-20679
13 Feb 2024 — Azure Stack Hub Spoofing Vulnerability Vulnerabilidad de suplantación de identidad en Azure Stack Hub • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20679 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •