Lucene search
K

57 matches found

CNVD
CNVD
added 2025/05/14 12:0 a.m.3 views

Microsoft Azure Functions Data Forgery Issue Vulnerability

Microsoft Azure Functions is a hosted Platform-as-a-Service PaaS provider from Microsoft Corporation USA that provides event-driven and scheduled compute resources for Azure cloud services. Microsoft Azure Functions has a data forgery issue vulnerability that stems from improper cryptographic...

8.8CVSS8AI score0.00459EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/02 5:22 p.m.10 views

CVE-2025-33074

Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...

8.8CVSS7.2AI score0.00459EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/04/30 6:15 p.m.4 views

CVE-2025-33074

Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...

8.8CVSS5.7AI score0.00459EPSS
Exploits0References2
NVD
NVD
added 2025/04/30 6:15 p.m.31 views

CVE-2025-33074

Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...

8.8CVSS0.00459EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/30 5:14 p.m.12 views

CVE-2025-33074 Azure Functions Remote Code Execution Vulnerability

...

7.5CVSS7AI score0.00459EPSS
Exploits0References1
CVE
CVE
added 2025/04/30 5:14 p.m.89 views

CVE-2025-33074

The CVE-2025-33074 entry describes an improper verification of cryptographic signatures in Microsoft Azure Functions, enabling an authenticated attacker to execute code over a network. Several connected sources corroborate the issue across vendors and regions (NVD/NVDC, Red Hat, CNVD, MSRC, PT Se...

8.8CVSS7.6AI score0.00459EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/30 5:14 p.m.30 views

CVE-2025-33074 Azure Functions Remote Code Execution Vulnerability

...

7.5CVSS0.00459EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/04/30 7:0 a.m.24 views

Azure Functions Remote Code Execution Vulnerability

Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...

8.8CVSS7.3AI score0.00459EPSS
Exploits0
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.7 views

Microsoft Azure Functions 数据伪造问题漏洞

Microsoft Azure Functions is a hosted Platform-as-a-Service PaaS provider from Microsoft Corporation USA that provides event-driven and scheduled compute resources for Azure cloud services. Microsoft Azure Functions has a data forgery issue vulnerability that stems from improper cryptographic...

8.8CVSS8AI score0.00459EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.6 views

PT-2025-18304 · Microsoft · Azure Functions

Name of the Vulnerable Software and Affected Versions: Microsoft Azure Functions affected versions not specified Description: The issue is related to the improper verification of cryptographic signatures in Microsoft Azure Functions, allowing an authorized attacker to execute code over a network...

8.8CVSS6.3AI score0.00459EPSS
Exploits0References8
Information Security Automation
Information Security Automation
added 2024/11/12 10:48 p.m.76 views

November Microsoft Patch Tuesday

November Microsoft Patch Tuesday. 125 CVEs, 35 of which were added since October MSPT. 2 vulnerabilities with signs of exploitation in the wild: Elevation of Privilege - Windows Task Scheduler CVE-2024-49039 Disclosure/Spoofing - NTLM Hash CVE-2024-43451 No signs of exploitation, but with a priva...

9.8CVSS7.5AI score0.81817EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.7 views

The vulnerability of the Imagine Cup platform’s code execution mechanism for Microsoft Azure Functions allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Imagine Cup platform’s Microsoft Azure Functions component is related to lack of access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00961EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2024/10/15 12:0 a.m.29 views

KLA74056 OSI vulnerability in Microsoft Azure

Information disclosure vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2024-38204 Related products Microsoft-Azure CVE list CVE-2024-38204 high Solution Install necessary updates from the KB sectio...

7.5CVSS7.5AI score0.00961EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.5 views

PT-2024-7082 · Microsoft · Azure Functions +1

Name of the Vulnerable Software and Affected Versions: Imagine Cup affected versions not specified Description: The issue is related to improper access control in Imagine Cup, allowing an authorized attacker to elevate privileges over a network. This can potentially lead to unauthorized access to...

7.8CVSS6.7AI score0.00961EPSS
Exploits0References11
The Hacker News
The Hacker News
added 2024/05/29 2:58 p.m.21 views

Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha

Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan RAT called AllaSenha. The malware is "specifically aimed at stealing credentials that are required to access Brazilian bank accounts, and leverages...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/11 1:0 p.m.29 views

Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers

A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. "It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/11 1:0 p.m.4 views

Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers

A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. "It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal...

8.1AI score
Exploits0
MSRC
MSRC
added 2023/04/11 7:0 a.m.9 views

Best practices regarding Azure Storage Keys, Azure Functions, and Azure Role Based Access

Summary Azure provides developers and security operations staff a wide array of configurable security options to meet organizational needs. Throughout the software development lifecycle, it is important for customers to understand the shared responsibility model, as well as be familiar with vario...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/17 2:12 p.m.71 views

Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access

Four different Microsoft Azure services have been found vulnerable to server-side request forgery SSRF attacks that could be exploited to gain unauthorized access to cloud resources. The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/17 2:12 p.m.3 views

Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access

Four different Microsoft Azure services have been found vulnerable to server-side request forgery SSRF attacks that could be exploited to gain unauthorized access to cloud resources. The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API...

7.2AI score
Exploits0
Rows per page
Query Builder