2357 matches found
PYSEC-2026-1208 Azure Core is vulnerable to deserialization of untrusted data
Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network...
CVE-2026-55945
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Edge Chromium-based allows an authorized attacker to disclose information locally...
EUVD-2026-41443
Server-side request forgery ssrf in Azure OpenAI allows an authorized attacker to elevate privileges over a network...
EUVD-2026-41444
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network...
EUVD-2026-41446
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
CVE-2026-26145
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network...
CVE-2026-45499
Server-side request forgery ssrf in Azure OpenAI allows an authorized attacker to elevate privileges over a network...
Azure OpenAI Elevation of Privilege Vulnerability
Server-side request forgery ssrf in Azure OpenAI allows an authorized attacker to elevate privileges over a network...
PT-2026-55319
Name of the Vulnerable Software and Affected Versions Azure OpenAI affected versions not specified Description A server-side request forgery SSRF issue exists in Azure OpenAI. This flaw allows an authorized attacker to elevate privileges over a network. SSRF is a vulnerability where an attacker c...
CVE-2026-50521
Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...
Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network...
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...
CVE-2026-32208
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Entra ID allows an authorized attacker to perform spoofing over a network...
CVE-2026-48582
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
EUVD-2026-38090
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
EUVD-2026-38085
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an authorized attacker to perform spoofing over a network...
PT-2026-51033
Name of the Vulnerable Software and Affected Versions Microsoft Exchange Online affected versions not specified Description Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network. There have been reports of elevated activities targeti...
PT-2026-51034
Name of the Vulnerable Software and Affected Versions Azure Synapse affected versions not specified Description Execution with unnecessary privileges allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version th...
Microsoft Exchange Online Elevation of Privilege Vulnerability
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
Dynamics 365 Elevation of Privilege Vulnerability
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network...