67 matches found
EUVD-2024-40746
Malicious code in bioql PyPI...
EUVD-2023-40788
Malicious code in bioql PyPI...
EUVD-2023-25699
Malicious code in bioql PyPI...
EUVD-2025-0201
Malicious code in bioql PyPI...
The vulnerability of the Azure Service Fabric distributed system, related to incorrect definition of the link before accessing the file, allows attackers to escalate their privileges.
The vulnerability of the Azure Service Fabric distributed system is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to increase their privileges...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in Azure Service Fabric and Monitor Agent. A malicious person could exploit the vulnerabilities to grant themselves elevated privileges or to execute arbitrary code. Service Fabric: |----------------|------|-------------------------------------| | CVE ID | CVSS...
CVE-2025-21195 Azure Service Fabric Runtime Elevation of Privilege Vulnerability
...
CVE-2025-21195 Azure Service Fabric Runtime Elevation of Privilege Vulnerability
...
Azure Service Fabric Runtime Elevation of Privilege Vulnerability
Improper link resolution before file access 'link following' in Service Fabric allows an authorized attacker to elevate privileges locally...
KLA85524 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Azure Monitor Agent can be exploited remotely to execute...
Azure Service Fabric Explorer Information Disclosure (July 2025)
The Azure Service Fabric installed on the remote host is affected by an runtime elevation of privilege vulnerability. A local, authenticated attacker can exploit this to elevate privileges. Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...
CVE-2025-24403
A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins...
CVE-2025-24402
A cross-site request forgery CSRF vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs obtained through another method...
GHSA-GP8P-49GR-JV8J Missing permission checks in Jenkins Azure Service Fabric Plugin
The Jenkins Azure Service Fabric Plugin 1.6 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins. Those can be used as part of an attack to capture the...
Missing permission checks in Jenkins Azure Service Fabric Plugin
The Jenkins Azure Service Fabric Plugin 1.6 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins. Those can be used as part of an attack to capture the...
CSRF vulnerability in Jenkins Azure Service Fabric Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs obtained through another method...
GHSA-WH3H-J8WP-6P42 CSRF vulnerability in Jenkins Azure Service Fabric Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs obtained through another method...
CVE-2025-24402
A cross-site request forgery CSRF vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs obtained through another method...
CVE-2025-24403
A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins...
CVE-2025-24402
A cross-site request forgery CSRF vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs obtained through another method...