20 matches found
EUVD-2025-12760
Malicious code in bioql PyPI...
EUVD-2025-12757
Malicious code in bioql PyPI...
Azure Bot Framework Chatbot Detected
This is an informational plugin to inform the user that the scanner has detected a publicly accessible Azure Bot Framework chatbot on the target application. Azure Bot Framework is a solution to build & deploy AI customer experiences. This detection is included in the AI and LLM category. No sour...
CVE-2025-30392
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30389
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30389
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30389
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30392
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30392
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30392
CVE-2025-30392 concerns an elevation of privilege due to improper authorization in the Azure Bot Framework SDK . The vulnerability allows an unauthenticated attacker to elevate privileges over the network, as described in multiple sources (including Microsoft’s update guidance). Affected componen...
CVE-2025-30389 Azure Bot Framework SDK Elevation of Privilege Vulnerability
...
CVE-2025-30389 Azure Bot Framework SDK Elevation of Privilege Vulnerability
...
CVE-2025-30389
CVE-2025-30389 describes an improper authorization issue in the Azure Bot Framework SDK that allows an unauthenticated, network-based attacker to elevate privileges. The NVD entry lists a CRITICAL impact with CVSSv3.1: AV=N, AC=L, PR=NONE, UI=N, S=U, C=H, I=H, A=H (base score 9.8). Microsoft/Red ...
Azure AI Bot Elevation of Privilege Vulnerability
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
Azure Bot Framework SDK Elevation of Privilege Vulnerability
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
Microsoft Azure Bot Framework SDK 授权问题漏洞
The Microsoft Azure Bot Framework SDK is a development framework for building, testing, and deploying enterprise-grade conversational AI bots with support for multi-channel integration and natural language processing from Microsoft USA. An authorization issue vulnerability exists in the Microsoft...
PT-2025-18300
Name of the Vulnerable Software and Affected Versions: Azure Bot Framework SDK affected versions not specified Description: The issue is related to improper authorization in the Azure Bot Framework SDK, allowing an unauthorized attacker to elevate privileges over a network. Recommendations: At th...
Microsoft Azure Bot Framework SDK 授权问题漏洞
The Microsoft Azure Bot Framework SDK is a development framework for building, testing, and deploying enterprise-grade conversational AI bots with support for multi-channel integration and natural language processing from Microsoft USA. An authorization issue vulnerability exists in the Microsoft...
PT-2025-18303
Name of the Vulnerable Software and Affected Versions: Azure Bot Framework SDK affected versions not specified Description: The issue is related to improper authorization in the Azure Bot Framework SDK, allowing an unauthorized attacker to elevate privileges over a network. Recommendations: At th...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in several Developer tools. A local malicious person could exploit the vulnerabilities to execute arbitrary code, or to impersonate a user other than himself. The tables below list the vulnerabilities that have been fixed by Microsoft. Visual Studio Code:...