Lucene search
+L

68 matches found

thn
thn
•added 2026/07/01 5:46 a.m.•17 views

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface CLI, compromising dozens of accounts in the process. The activity, per Huntress, originates from an IPv6 address range 2a0a:d683::/32 controlled by...

5.8AI score
Exploits0
osv
osv
•added 2026/06/08 1:2 p.m.•10 views

SUSE-RU-2026:2237-2 Recommended update for aazure-cli, azure-cli-core, azure-cli-telemetry, python-argcomplete, python-azure-ai-agents, python-azure-ai-formrecognizer, python-azure-ai-metricsadvisor, python-azure-ai-projects, python-azure-ai-translation-document, python-azure-ai-translation-text, python-azure-appconfiguration, python-azure-appconfiguration-provider, python-azure-batch, python-azure-cognitiveservices-anomalydetector, python-azure-cognitiveservices-knowledge-qnamaker, python-azure-cognitiveservices-language-luis, python-azure-cognitiveservices-language-spellcheck, python-azure-cognitiveservices-language-textanalytics, python-azure-cognitiveservices-search-autosuggest, python-azure-cognitiveservices-search-customimagesearch, python-azure-cognitiveservices-search-customsearch, python-azure-cognitiveservices-search-entitysearch, python-azure-cognitiveservices-search-imagesearch, python-azure-cognitiveservices-search-videosearch, python-azure-cognitiveservices-search-websearch, python-azure-cognitiveservices-vision-computervision, python-azure-cognitiveservices-vision-contentmoderator, python-azure-cognitiveservices-vision-customvision, python-azure-cognitiveservices-vision-face python-azure-communication-callautomation, python-azure-communication-chat, python-azure-communication-email, python-azure-communication-messages, python-azure-communication-phonenumbers, python-azure-communication-rooms, python-azure-communication-sms, python-azure-core, python-azure-core-tracing-opencensus, python-azure-core-tracing-opentelemetry, python-azure-cosmos, python-azure-data-tables, python-azure-datalake-store, python-azure-developer-devcenter, python-azure-developer-loadtesting, python-azure-digitaltwins-core, python-azure-eventgrid, python-azure-eventhub, python-azure-eventhub-checkpointstoreblob, python-azure-eventhub-checkpointstoreblob-aio, python-azure-graphrbac, python-azure-health-deidentification, python-azure-healthinsights-radiologyinsights, python-azure-identity, python-azure-identity-broker, python-azure-keyvault-administration, python-azure-keyvault-certificates, python-azure-keyvault-keys, python-azure-keyvault-secrets, python-azure-keyvault-securitydomain, python-azure-maps-geolocation, python-azure-maps-route, python-azure-maps-timezone, python-azure-messaging-webpubsubclient, python-azure-messaging-webpubsubservice, python-azure-mgmt-apimanagement, python-azure-mgmt-appcomplianceautomation, python-azure-mgmt-appconfiguration, python-azure-mgmt-appcontainers, python-azure-mgmt-applicationinsights, python-azure-mgmt-appplatform, python-azure-mgmt-arizeaiobservabilityeval, python-azure-mgmt-astro, python-azure-mgmt-authorization, python-azure-mgmt-avs, python-azure-mgmt-azurestackhcivm, python-azure-mgmt-batch, python-azure-mgmt-batchai, python-azure-mgmt-billing, python-azure-mgmt-billingbenefits, python-azure-mgmt-carbonoptimization, python-azure-mgmt-cdn, python-azure-mgmt-chaos, python-azure-mgmt-cloudhealth, python-azure-mgmt-cognitiveservices, python-azure-mgmt-communication, python-azure-mgmt-compute, python-azure-mgmt-computefleet, python-azure-mgmt-computerecommender, python-azure-mgmt-computeschedule, python-azure-mgmt-confluent, python-azure-mgmt-connectedcache, python-azure-mgmt-containerinstance, python-azure-mgmt-containerorchestratorruntime, python-azure-mgmt-containerregistry, python-azure-mgmt-containerservice, python-azure-mgmt-containerservicefleet, python-azure-mgmt-containerservicesafeguards, python-azure-mgmt-core, python-azure-mgmt-cosmosdb, python-azure-mgmt-databasewatcher, python-azure-mgmt-databox, python-azure-mgmt-databoxedge, python-azure-mgmt-datafactory, python-azure-mgmt-datalake-store, python-azure-mgmt-datamigration, python-azure-mgmt-dataprotection, python-azure-mgmt-dellstorage, python-azure-mgmt-dependencymap, python-azure-mgmt-desktopvirtualization, python-azure-mgmt-devcenter, python-azure-mgmt-deviceregistry, python-azure-mgmt-devopsinfrastructure, python-azure-mgmt-devtestlabs, python-azure-mgmt-digitaltwins, python-azure-mgmt-dns, python-azure-mgmt-dnsresolver, python-azure-mgmt-durabletask, python-azure-mgmt-edgeorder, python-azure-mgmt-edgezones, python-azure-mgmt-elastic, python-azure-mgmt-elasticsan, python-azure-mgmt-eventgrid, python-azure-mgmt-eventhub, python-azure-mgmt-extendedlocation, python-azure-mgmt-fabric, python-azure-mgmt-frontdoor, python-azure-mgmt-hardwaresecuritymodules, python-azure-mgmt-hdinsight, python-azure-mgmt-hdinsightcontainers, python-azure-mgmt-healthcareapis, python-azure-mgmt-healthdataaiservices, python-azure-mgmt-hybridcompute, python-azure-mgmt-imagebuilder, python-azure-mgmt-impactreporting, python-azure-mgmt-informaticadatamanagement, python-azure-mgmt-iotfirmwaredefense, python-azure-mgmt-iothub, python-azure-mgmt-iotoperations, python-azure-mgmt-keyvault, python-azure-mgmt-kubernetesconfiguration-extensions, python-azure-mgmt-kubernetesconfiguration-extensiontypes, python-azure-mgmt-kubernetesconfiguration-fluxconfigurations, python-azure-mgmt-kusto, python-azure-mgmt-lambdatesthyperexecute, python-azure-mgmt-largeinstance, python-azure-mgmt-loganalytics, python-azure-mgmt-logz, python-azure-mgmt-media, python-azure-mgmt-migrationassessment, python-azure-mgmt-migrationdiscoverysap, python-azure-mgmt-mobilenetwork, python-azure-mgmt-mongocluster, python-azure-mgmt-mongodbatlas, python-azure-mgmt-monitor, python-azure-mgmt-msi, python-azure-mgmt-mysqlflexibleservers, python-azure-mgmt-neonpostgres, python-azure-mgmt-netapp, python-azure-mgmt-network, python-azure-mgmt-networkcloud, python-azure-mgmt-newrelicobservability, python-azure-mgmt-onlineexperimentation, python-azure-mgmt-oracledatabase, python-azure-mgmt-paloaltonetworksngfw, python-azure-mgmt-pineconevectordb, python-azure-mgmt-planetarycomputer, python-azure-mgmt-playwright, python-azure-mgmt-playwrighttesting, python-azure-mgmt-portalservicescopilot, python-azure-mgmt-postgresqlflexibleservers, python-azure-mgmt-powerbiembedded, python-azure-mgmt-privatedns, python-azure-mgmt-purestorageblock, python-azure-mgmt-quantum, python-azure-mgmt-qumulo, python-azure-mgmt-quota, python-azure-mgmt-rdbms, python-azure-mgmt-recoveryservices, python-azure-mgmt-recoveryservicesbackup, python-azure-mgmt-recoveryservicesdatareplication, python-dnspython, python-trio, python-websocket-client, python-anyio

This update for azure-cli, azure-cli-core, azure-cli-telemetry, python-argcomplete, python-azure-ai-agents, python-azure-ai-formrecognizer, python-azure-ai-metricsadvisor, python-azure-ai-projects, python-azure-ai-translation-document, python-azure-ai-translation-text,...

8.4CVSS5.5AI score0.00788EPSS
Exploits0References11
openvas
openvas
•added 2026/02/20 12:0 a.m.•7 views

Fedora: Security Advisory (FEDORA-2026-45e69bddb9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.00776EPSS
Exploits0References3
openvas
openvas
•added 2026/02/20 12:0 a.m.•8 views

Fedora: Security Advisory (FEDORA-2026-3beebfc8ff)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.00776EPSS
Exploits0References3
nessus
nessus
•added 2026/02/19 12:0 a.m.•6 views

Fedora 43 : azure-cli / python-azure-core (2026-45e69bddb9)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-45e69bddb9 advisory. Update to 1.38.0 to address CVE-2026-21226 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

7.5CVSS5.6AI score0.00776EPSS
Exploits0References2
nessus
nessus
•added 2026/02/19 12:0 a.m.•5 views

Fedora 42 : azure-cli / python-azure-core (2026-3beebfc8ff)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-3beebfc8ff advisory. Update to 1.38.0 to address CVE-2026-21226 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

7.5CVSS5.6AI score0.00776EPSS
Exploits0References2
opensuse
opensuse
•added 2026/02/18 12:0 a.m.•7 views

azure-cli-core-2.83.0-2.1 on GA media (moderate)

azure-cli-core-2.83.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10211-1 Rating: moderate Cross-References: CVE-2025-24049 CVSS scores: CVE-2025-24049 SUSE : 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2025-24049 SUSE : 8.6...

8.6CVSS5.5AI score0.00403EPSS
Exploits0
nessus
nessus
•added 2026/01/24 12:0 a.m.•4 views

SUSE SLES12 Security Update : azure-cli-core (SUSE-SU-2026:0273-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0273-1 advisory. - CVE-2025-24049: Fix improper neutralization of special elements used in a command which allows an unauthorized attacker to elevate...

8.4CVSS5.7AI score0.00403EPSS
Exploits0References4
osv
osv
•added 2026/01/23 11:26 a.m.•4 views

SUSE-SU-2026:0273-1 Security update for azure-cli-core

This update for azure-cli-core fixes the following issues: - CVE-2025-24049: Fix improper neutralization of special elements used in a command which allows an unauthorized attacker to elevate privileges locally. bsc1239460...

8.4CVSS5.8AI score0.00403EPSS
Exploits0References3
veracode
veracode
•added 2025/12/13 5:2 a.m.•8 views

Improper Restriction Of Command Execution

org.jenkins-ci.plugins, azure-cli is vulnerable to improper restriction of command execution. The vulnerability is due to insufficient validation of executed commands, which allows an attacker with Item/Configure permission to execute arbitrary shell commands on the Jenkins controller...

8.8CVSS6.1AI score0.00556EPSS
Exploits0References3Affected Software1
redhatcve
redhatcve
•added 2025/11/08 1:57 p.m.•29 views

CVE-2025-64140

Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with Item/Configure permission to execute arbitrary shell commands...

8.8CVSS7.6AI score0.00556EPSS
Exploits0References1
euvd
euvd
•added 2025/10/29 3:31 p.m.•6 views

EUVD-2025-36658

Jenkins Azure CLI Plugin does not restrict the commands it executes...

8.8CVSS6.6AI score0.00556EPSS
Exploits0References3
snyk
snyk
•added 2025/10/29 3:31 p.m.•4 views

Command Injection

Overview org.jenkins-ci.plugins:azure-cli is an A Jenkins plugin to use Azure CLI for managing Azure resources. ā— This is NOT an official Microsoft plugin 🌟 The advantage of this plugin that it let's you export the CLI result from each command to environment variables and to the next command...

8.8CVSS7.9AI score0.00556EPSS
Exploits0References2
osv
osv
•added 2025/10/29 3:31 p.m.•10 views

GHSA-RH72-238F-G26Q Jenkins Azure CLI Plugin does not restrict the commands it executes

Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller. This allows attackers with Item/Configure permission to execute arbitrary shell commands on the Jenkins controller. As of publication of this advisory, there is no fix...

8.8CVSS7.5AI score0.00556EPSS
Exploits0References4
osv
osv
•added 2025/10/29 2:15 p.m.•6 views

CVE-2025-64140

Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with Item/Configure permission to execute arbitrary shell commands...

8.8CVSS6.1AI score0.00556EPSS
Exploits0References2
cvelist
cvelist
•added 2025/10/29 1:29 p.m.•13 views

CVE-2025-64140

Jenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with Item/Configure permission to execute arbitrary shell commands...

0.00556EPSS
Exploits0References1
cve
cve
•added 2025/10/29 1:29 p.m.•22 views

CVE-2025-64140

CVE-2025-64140 concerns Jenkins Azure CLI Plugin versions 0.9 and earlier. The root cause is that the plugin does not restrict which commands it can execute on the Jenkins controller, enabling an attacker with Item/Configure permission to run arbitrary shell commands. Reported impacts include ful...

8.8CVSS7.2AI score0.00556EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
•added 2025/10/29 12:0 a.m.•13 views

PT-2025-44289

Name of the Vulnerable Software and Affected Versions Jenkins Azure CLI Plugin versions 0.9 and earlier Description The Jenkins Azure CLI Plugin does not restrict the commands it executes on the Jenkins controller. This allows attackers with Item/Configure permission to execute arbitrary shell...

8.8CVSS7.1AI score0.00556EPSS
Exploits0References10
euvd
euvd
•added 2025/10/03 8:7 p.m.•21 views

EUVD-2022-7010

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.03207EPSS
Exploits1References7
euvd
euvd
•added 2025/10/03 8:7 p.m.•7 views

EUVD-2023-40035

Malicious code in bioql PyPI...

8.6CVSS9.2AI score0.21542EPSS
Exploits0References1
Rows per page
Query Builder