12917 matches found
CVE-2026-48584
CVE-2026-48584 affects Microsoft Azure Synapse. An authorized attacker with low privileges and network access can execute with unnecessary privileges to elevate to higher privileges across the system, with potential impact to confidentiality, integrity and availability (CVSS 3.1: CRITICAL, AV:N/A...
EUVD-2026-38088
Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network...
CVE-2026-45480
CVE-2026-45480 affects Azure Active Directory; improper authentication enables elevation of privileges over a network. The CVSS 3.1 score is 10.0 (CRITICAL) with network attack vector, no user interaction, and HIGH impact on confidentiality, integrity, and availability. No specific patch version ...
EUVD-2026-38086
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network...
EUVD-2026-37945
Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network...
CVE-2026-32174 Azure Bot Service Elevation of Privilege Vulnerability
...
CVE-2026-32174
CVE-2026-32174 concerns improper authentication in Azure Bot Service , enabling an authorized attacker to achieve privilege elevation over a network . The CVSS v3.1 base score is 7.7 (HIGH) with impact to Integrity (HIGH) and no confidentiality impact, no availability impact. Root cause: flawed a...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, Faspex on Demand, Server on Demand, Application on Demand,
Question Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, Faspex on Demand, Server on Demand, Application on Demand, and Azure on Demand CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 ... "Business Unit":"code":"BU059","label":"IBM...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, faspex on Demand, Server on Demand, Application Platform on
Question Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, faspex on Demand, Server on Demand, Application Platform on Demand, and Azure on Demand. CVE-2016-2107, CVE-2016-2106, CVE-2016-2176 "Business Unit":"code":"BU059","label":"IBM Software w/o...
Azure Bot Service Elevation of Privilege Vulnerability
Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network...
Microsoft Azure Synapse Elevation of Privilege Vulnerability
Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network...
Azure Active Directory Elevation of Privilege Vulnerability
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network...
ROOT-APP-GOBINARY-CVE-2026-32952 CVE-2026-32952 in rootio-github.com/Azure/go-ntlmssp - Patched by Root
Root has patched CVE-2026-32952 in the rootio-github.com/Azure/go-ntlmssp package for Root:Go. Multiple fixed versions available...
PT-2026-50798
Name of the Vulnerable Software and Affected Versions Azure Bot Service affected versions not specified Description Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer...
USN-8426-2 linux-azure vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18.24 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.18.24 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.18.24 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7107: Backport to 4.18.z CLONE - ODF Console is breaking DFBUGS-7064: RHODF 4.18.24 release DFBUGS-7046:...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7345: RHODF 4.16.30 release DFBUGS-7105: Backport to 4.16.z CLONE - ODF Console is breaking DFBUGS-6743:...
Malicious code in event-metrics-q3x7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b805c0ac88b45f49b1698fb9ea33e00767380544221d574a0da0e0f526d07f8 On install, package.json runs a postinstall hook node run.js that triggers beacon scripts beacon20.js, beaconlinux.js shipped in the tarball. The...
USN-8426-1: Linux kernel (Azure) vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-11332)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-11332 advisory. - A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency...