23 matches found
EUVD-2026-35507
Improper neutralization of input during web page generation 'cross-site scripting' in Azure Stack Edge allows an authorized attacker to perform spoofing over a network...
CVE-2026-47643
External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network...
CVE-2026-41098
Improper neutralization of input during web page generation 'cross-site scripting' in Azure Stack Edge allows an authorized attacker to perform spoofing over a network...
CVE-2026-47643
CVE-2026-47643 affects Azure Stack Edge, where external control of a file name or path can let an unauthenticated attacker execute code over the network. The NVD/CVE records describe the impact as remote code execution with high severity (CVSS v3.1: 9.8, NETWORK attack vector, no user interaction...
CVE-2026-47643 Azure Stack Edge Remote Code Execution Vulnerability
...
EUVD-2026-35579
External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network...
CVE-2026-41098 Azure Stack Edge Spoofing Vulnerability
...
CVE-2026-41098 Azure Stack Edge Spoofing Vulnerability
...
CVE-2026-41098
Azure Stack Edge is affected by CVE-2026-41098 due to improper neutralization of input during web page generation, enabling cross-site scripting. The vulnerability is exploitable by an authorized attacker over the network to perform spoofing. The CVSS 3.1 metrics indicate a high-impact, network-e...
Azure Stack Edge Remote Code Execution Vulnerability
External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network...
PT-2026-47873
Improper neutralization of input during web page generation 'cross-site scripting' in Azure Stack Edge allows an authorized attacker to perform spoofing over a network...
PT-2026-48038
External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network...
EUVD-2022-40575
Malicious code in bioql PyPI...
Microsoft Azure Data Box Gateway 安全漏洞
Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Azure Data Box Gateway. The following products and versions are affected: Azure Data Box Gateway, Azure Stack Edge...
The vulnerability of the Azure Arc for local infrastructure connection software in Azure Stack Edge storage services allows a perpetrator to escalate their privileges.
The vulnerability of the Azure Arc for local infrastructure connection software in Azure Stack Edge storage solutions is related to access control errors. Exploiting this vulnerability could allow an attacker to increase their privileges remotely...
CVE-2022-37968
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, becaus...
CVE-2022-37968
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, becaus...
CVE-2022-37968
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, becaus...
Code injection
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, becaus...
Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, becaus...