Azure Security Vulnerabilities
8.8CVSS
7.5AI Score
0.001EPSS
5.5CVSS
7.2AI Score
0.0004EPSS
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege...
9CVSS
7.4AI Score
0.001EPSS
8.4CVSS
7.5AI Score
0.0004EPSS
7.3CVSS
7.2AI Score
0.0004EPSS
6.2CVSS
7.5AI Score
0.0004EPSS
6.4CVSS
8.1AI Score
0.0004EPSS
6.5CVSS
7.5AI Score
0.0005EPSS
5.9CVSS
7.3AI Score
0.001EPSS
The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to...
6CVSS
8.8AI Score
0.0004EPSS
7.3CVSS
7.5AI Score
0.0004EPSS
7.5CVSS
7.4AI Score
0.001EPSS
7.8CVSS
7.5AI Score
0.0004EPSS
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege...
9CVSS
7.4AI Score
0.001EPSS
The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQP_VALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit...
9.8CVSS
7.3AI Score
0.0004EPSS
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper...
7.8CVSS
7.6AI Score
0.001EPSS
5.3CVSS
7.4AI Score
0.0005EPSS
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege...
9CVSS
7.4AI Score
0.001EPSS
9CVSS
8.1AI Score
0.002EPSS
9.3CVSS
7.4AI Score
0.001EPSS
7.3CVSS
7.5AI Score
0.001EPSS
7.5CVSS
8.1AI Score
0.001EPSS
6.5CVSS
7.4AI Score
0.001EPSS
The UAMQP is a general purpose C library for AMQP 1.0. During a call to open_get_offered_capabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the...
9.8CVSS
8.3AI Score
0.0004EPSS
IdentityModel Extensions for .NET provide assemblies for web developers that wish to use federated identity providers for establishing the caller's identity. Anyone leveraging the SignedHttpRequestprotocol or the SignedHttpRequestValidatoris vulnerable. Microsoft.IdentityModel trusts the jkuclaim.....
8.8CVSS
7.1AI Score
0.001EPSS
8CVSS
8.1AI Score
0.007EPSS
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause...
9.8CVSS
8.6AI Score
0.006EPSS
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as...
8.6CVSS
7.4AI Score
0.0005EPSS
6.5CVSS
7.4AI Score
0.001EPSS
7.4CVSS
7.3AI Score
0.001EPSS
7.3CVSS
7.5AI Score
0.001EPSS
4.7CVSS
7.2AI Score
0.0005EPSS
8.8CVSS
7.6AI Score
0.002EPSS
8.6CVSS
7.4AI Score
0.001EPSS
7.8CVSS
8.6AI Score
0.0005EPSS
5.5CVSS
8.5AI Score
0.0005EPSS
7.3CVSS
7.8AI Score
0.001EPSS
7.8CVSS
8.8AI Score
0.001EPSS
9.8CVSS
9.4AI Score
0.001EPSS
8.8CVSS
8.8AI Score
0.002EPSS
8.8CVSS
8.8AI Score
0.002EPSS
7.2CVSS
7.3AI Score
0.001EPSS
8.1CVSS
8.6AI Score
0.041EPSS
8.8CVSS
9.4AI Score
0.002EPSS
9.8CVSS
9.3AI Score
0.002EPSS
Jenkins Azure AD Plugin 396.v86ce29279947 and earlier, except 378.380.v545b_1154b_3fb_, uses a non-constant time comparison function when checking whether the provided and expected CSRF protection nonce are equal, potentially allowing attackers to use statistical methods to obtain a valid...
7.5CVSS
7.4AI Score
0.001EPSS
4.5CVSS
5.1AI Score
0.001EPSS
7CVSS
7.1AI Score
0.0005EPSS
4.5CVSS
5.1AI Score
0.001EPSS
4.5CVSS
5.1AI Score
0.001EPSS