403 results (0.018 seconds)

CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0

CVE-2025-29819 – Windows Admin Center in Azure Portal Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2025-29819

08 Apr 2025 — External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819 • CWE-73: External Control of File Name or Path •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2025-27489 – Azure Local Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2025-27489

08 Apr 2025 — Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27489 • CWE-20: Improper Input Validation •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-26628 – Azure Local Cluster Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2025-26628

08 Apr 2025 — Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26628 • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-25002 – Azure Local Cluster Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2025-25002

08 Apr 2025 — Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25002 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-21384 – Azure Health Bot Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2025-21384

01 Apr 2025 — An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21384 • CWE-693: Protection Mechanism Failure •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-26627 – Azure Arc Installer Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2025-26627

11 Mar 2025 — Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26627 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-24049 – Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2025-24049

11 Mar 2025 — Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24049 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0

CVE-2025-21199 – Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2025-21199

11 Mar 2025 — Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21199 • CWE-269: Improper Privilege Management •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2025-24986 – Azure Promptflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2025-24986

11 Mar 2025 — Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986 • CWE-653: Improper Isolation or Compartmentalization •

CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-21188 – Azure Network Watcher VM Extension Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2025-21188

11 Feb 2025 — Azure Network Watcher VM Extension Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21188 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •