Lucene search
K

153 matches found

Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.20 views

PT-2026-38582

Name of the Vulnerable Software and Affected Versions Azure Cloud Shell affected versions not specified Description Improper neutralization of special elements used in a command allows an unauthorized attacker to perform command injection, which can enable network-based spoofing attacks...

10CVSS5.8AI score0.00933EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.10 views

Microsoft Azure Cloud Shell 命令注入漏洞

Microsoft Azure Cloud Shell is a browser-based cloud command-line environment developed by Microsoft Corporation. There is a command injection vulnerability in Microsoft Azure Cloud Shell, which stems from improper neutralization of special elements in commands. This vulnerability could allow...

9.6CVSS6AI score0.00933EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2026/05/07 12:0 a.m.17 views

KLA91030 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azur...

10CVSS6.8AI score0.01164EPSS
Exploits0References11
NVD
NVD
added 2026/04/24 1:16 p.m.21 views

CVE-2026-21515

Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network...

9.9CVSS0.00701EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2026/04/20 4:0 p.m.9 views

Making opportunistic cyberattacks harder by design

This is part of a series of blogs and interviews conducted with our Microsoft Deputy CISOs , in which we surface a number of mission-critical security recommendations and best practices that businesses can enact right now and derive real meaningful benefits from. In this article, Ilya Grebnov,...

6AI score
Exploits0
OSV
OSV
added 2026/04/17 7:53 a.m.6 views

MAL-2026-2831 Malicious code in azure-ai-agentserver-githubcopilot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5302d683e413611c8a5f1bcfb18c19e34353a50c1d4450546b284197bab5a6f7 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...

5.8AI score
Exploits0References1
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.6 views

GHSA-G4VW-3HQ5-Q7GR vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-aws, linux-azure, linux-gcp, linux-qemu...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.5 views

CVE-2026-23210 vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-aws, linux-azure, linux-gcp, linux-qemu...

4.7CVSS5.9AI score0.00106EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.6 views

CVE-2026-23226 vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-aws, linux-azure, linux-gcp, linux-qemu...

8.8CVSS7.3AI score0.00423EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/02 11:27 p.m.21 views

CVE-2026-32211 Azure MCP Server Information Disclosure Vulnerability

...

9.1CVSS0.00827EPSS
Exploits0References1
Wiz blog
Wiz blog
added 2026/03/27 1:38 p.m.9 views

Beyond the Badge: What Achieving Microsoft’s Certified Software Designation Means for Your Cloud Security

Verified by Microsoft. Built for Azure. Secured by Wiz...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.4 views

CVE-2026-32169

Server-side request forgery ssrf in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.8AI score0.0055EPSS
Exploits0References1
Krebs on Security
Krebs on Security
added 2026/03/23 3:43 p.m.9 views

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language. Experts say the wip...

5.9AI score
Exploits0
EUVD
EUVD
added 2026/03/19 9:30 p.m.10 views

EUVD-2026-13204

Server-side request forgery ssrf in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.8AI score0.0055EPSS
Exploits0References2
NVD
NVD
added 2026/03/19 9:17 p.m.4 views

CVE-2026-32169

Server-side request forgery ssrf in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network...

10CVSS0.0055EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/19 9:6 p.m.1 views

CVE-2026-32169 Azure Cloud Shell Elevation of Privilege Vulnerability

...

10CVSS5.8AI score0.0055EPSS
Exploits0References1
CVE
CVE
added 2026/03/19 9:6 p.m.20 views

CVE-2026-32169

Azure Cloud Shell contains a server-side request forgery (SSRF) vulnerability (CVE-2026-32169) that could allow an unauthenticated attacker to elevate privileges over a network. The CVSS v3.1 base score is 10.0 (CRITICAL) with network attack vector, low complexity, no privileges required, no user...

10CVSS5.8AI score0.0055EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/19 9:6 p.m.24 views

CVE-2026-32169 Azure Cloud Shell Elevation of Privilege Vulnerability

...

10CVSS0.0055EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/03/19 2:0 p.m.6 views

Azure Cloud Shell Elevation of Privilege Vulnerability

Server-side request forgery ssrf in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.8AI score0.0055EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.12 views

PT-2026-26363

Name of the Vulnerable Software and Affected Versions Azure Cloud Shell affected versions not specified Description A server-side request forgery SSRF issue exists in Azure Cloud Shell. This allows an unauthorized attacker to elevate privileges over a network. Server-side request forgery is a web...

10CVSS6AI score0.0055EPSS
Exploits0References8
Rows per page
Query Builder