Lucene search
K

53 matches found

Snyk
Snyk
added 2026/02/10 6:55 p.m.5 views

Cleartext Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in in Azure Compute Gallery, which writes MAA tokens in the debug log. Remediation Upgrade github.com/Microsoft/confidential-sidecar-containers/cmd/azmount/filemanager to version 2.12 or higher...

7.1CVSS5.5AI score0.00954EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/10 6:55 p.m.6 views

Cleartext Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in in Azure Compute Gallery, which writes MAA tokens in the debug log. Remediation Upgrade github.com/Microsoft/confidential-sidecar-containers/pkg/skr to version 2.12 or higher. References -...

7.1CVSS5.5AI score0.00954EPSS
Exploits0References2
OSV
OSV
added 2026/02/10 6:16 p.m.10 views

CVE-2026-23655

Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.00954EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 6:16 p.m.14 views

CVE-2026-23655

Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...

6.5CVSS0.00954EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 6:16 p.m.7 views

CVE-2026-21522

Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

6.7CVSS0.00415EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 6:16 p.m.14 views

CVE-2026-21522

Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

6.7CVSS5.7AI score0.00415EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/10 5:51 p.m.6 views

CVE-2026-21522

Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

6.7CVSS5.5AI score0.00415EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/10 5:51 p.m.7 views

CVE-2026-23655

Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...

6.5CVSS5.4AI score0.00954EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.6 views

Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

6.7CVSS5.6AI score0.00415EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.6 views

Microsoft ACI Confidential Containers Information Disclosure Vulnerability

Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...

6.5CVSS5.4AI score0.00954EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.11 views

PT-2026-7414

Name of the Vulnerable Software and Affected Versions Azure Compute Gallery affected versions not specified Description An authorized attacker may be able to disclose sensitive information over a network due to the cleartext storage of that information within Azure Compute Gallery. Approximately...

6.5CVSS5.2AI score0.00954EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.9 views

PT-2026-7405

Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

6.7CVSS5.5AI score0.00415EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.7 views

Microsoft Azure Compute Gallery 命令注入漏洞

Microsoft Azure Compute Gallery is a service provided by Microsoft in the United States that manages virtual machines. There is a command injection vulnerability present in Microsoft Azure Compute Gallery. Attackers can exploit this vulnerability to gain higher privileges...

6.7CVSS5.8AI score0.00415EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.7 views

Microsoft Azure Compute Gallery 安全漏洞

Microsoft Azure Compute Gallery is a service provided by Microsoft in the United States that manages virtual machines. There are security vulnerabilities in Microsoft Azure Compute Gallery. Attackers can exploit these vulnerabilities to obtain sensitive information...

6.5CVSS5.8AI score0.00954EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/24 9:35 p.m.11 views

CVE-2025-59503

Server-side request forgery ssrf in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network...

10CVSS6.9AI score0.007EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/24 12:30 a.m.5 views

EUVD-2025-35744

Server-side request forgery ssrf in Azure Compute Gallery allows an authorized attacker to elevate privileges over a network...

9.9CVSS6.4AI score0.007EPSS
Exploits0References2
NVD
NVD
added 2025/10/23 10:15 p.m.5 views

CVE-2025-59503

Server-side request forgery ssrf in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network...

10CVSS0.007EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/10/23 2:0 p.m.9 views

Azure Compute Resource Provider Elevation of Privilege Vulnerability

Server-side request forgery ssrf in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network...

10CVSS6.9AI score0.007EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/23 12:0 a.m.8 views

PT-2025-43564

Name of the Vulnerable Software and Affected Versions Azure Compute Gallery affected versions not specified Description An authorized attacker can elevate privileges over a network due to a server-side request forgery issue in Azure Compute Gallery. This allows for potential misuse of network...

10CVSS6.5AI score0.007EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.4 views

Microsoft Azure Compute Gallery 代码问题漏洞

Microsoft Azure Compute Gallery is a service for managing virtual machines from Microsoft Corporation in the United States. A code issue vulnerability exists in Microsoft Azure Compute Gallery that stems from server-side request forgery and could lead to an authorized attacker to elevate privileg...

10CVSS6.7AI score0.007EPSS
Exploits0References1
Rows per page
Query Builder