17 matches found
EUVD-2025-12760
Malicious code in bioql PyPI...
EUVD-2025-12757
Malicious code in bioql PyPI...
Azure Bot Framework Chatbot Detected
This is an informational plugin to inform the user that the scanner has detected a publicly accessible Azure Bot Framework chatbot on the target application. Azure Bot Framework is a solution to build & deploy AI customer experiences. This detection is included in the AI and LLM category. No sour...
CVE-2025-30392
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30389
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30389
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30392
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30392
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30392
CVE-2025-30392 concerns an elevation of privilege due to improper authorization in the Azure Bot Framework SDK . The vulnerability allows an unauthenticated attacker to elevate privileges over the network, as described in multiple sources (including Microsoft’s update guidance). Affected componen...
CVE-2025-30389 Azure Bot Framework SDK Elevation of Privilege Vulnerability
...
CVE-2025-30389
CVE-2025-30389 describes an improper authorization issue in the Azure Bot Framework SDK that allows an unauthenticated, network-based attacker to elevate privileges. The NVD entry lists a CRITICAL impact with CVSSv3.1: AV=N, AC=L, PR=NONE, UI=N, S=U, C=H, I=H, A=H (base score 9.8). Microsoft/Red ...
CVE-2025-30389 Azure Bot Framework SDK Elevation of Privilege Vulnerability
...
Azure AI Bot Elevation of Privilege Vulnerability
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
Azure Bot Framework SDK Elevation of Privilege Vulnerability
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
PT-2025-18300
Name of the Vulnerable Software and Affected Versions: Azure Bot Framework SDK affected versions not specified Description: The issue is related to improper authorization in the Azure Bot Framework SDK, allowing an unauthorized attacker to elevate privileges over a network. Recommendations: At th...
PT-2025-18303
Name of the Vulnerable Software and Affected Versions: Azure Bot Framework SDK affected versions not specified Description: The issue is related to improper authorization in the Azure Bot Framework SDK, allowing an unauthorized attacker to elevate privileges over a network. Recommendations: At th...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in several Developer tools. A local malicious person could exploit the vulnerabilities to execute arbitrary code, or to impersonate a user other than himself. The tables below list the vulnerabilities that have been fixed by Microsoft. Visual Studio Code:...