1304 matches found
EUVD-2026-37947
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network...
CVE-2026-47647
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network...
CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability
...
CVE-2026-47647
CVE-2026-47647 relates to Microsoft Dynamics 365 and involves an improper access control that enables an authorized attacker to perform a network-based privilege escalation. The CVSS 3.1 metrics indicate a high-severity, network-exposed issue with low attack complexity and low privileges required...
Dynamics 365 Customer Voice Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network...
Dynamics 365 Elevation of Privilege Vulnerability
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network...
PT-2026-50800
Name of the Vulnerable Software and Affected Versions Microsoft Dynamics 365 affected versions not specified Description Improper access control allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that...
Security Updates for Microsoft Dynamics 365 (on-premises) (June 2026)
The Microsoft Dynamics 365 on-premises is missing a security update. It is, therefore, affected by a vulnerability: - Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network. CVE-2026-4037...
CVE-2026-40371
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
EUVD-2026-35532
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
CVE-2026-40371
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability
...
CVE-2026-40371
Technical details (affected product/component, root cause, and fix) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability
...
Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
PT-2026-47868
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
Microsoft Dynamics 365 安全漏洞
Microsoft Dynamics 365 is a ERP business solution developed by the American company Microsoft, designed for multinational enterprises. It is used for financial management, production management, and business intelligence management, among other purposes. There are security vulnerabilities in...
Security Updates for Microsoft Dynamics 365 Business Central (May 2026) (CVE-2026-40417)
The Microsoft Dynamics 365 Business Central install is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability: - Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally. CVE-2026-40417 Note that Nessus...
Microsoft Dynamics 365 (on-premises) < 9.1.45.11 Multiple RCE (May 2026)
The Microsoft Dynamics 365 on-premises is missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities: - Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a...
CVE-2026-42898
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...