52 matches found
EUVD-2023-39394
Malicious code in bioql PyPI...
EUVD-2025-14050
Malicious code in bioql PyPI...
EUVD-2025-12759
Malicious code in bioql PyPI...
EUVD-2025-14449
Malicious code in bioql PyPI...
USN-7609-5: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37798, CVE-2025-37932,...
USN-7609-4: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37798, CVE-2025-37932,...
KLA84763 SUI vulnerability in Microsoft Azure
Security UI vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to perform cross-site scripting attack, spoof user interface. Original advisories CVE-2025-47977 Related products Microsoft-Azure CVE list CVE-2025-47977 critical Solution Install necessary...
CVE-2025-29972
Server-Side Request Forgery SSRF in Azure allows an authorized attacker to perform spoofing over a network...
CVE-2025-33072
Improper access control in Azure allows an unauthorized attacker to disclose information over a network...
CVE-2025-33072
Improper access control in Azure allows an unauthorized attacker to disclose information over a network...
CVE-2025-30390
Improper authorization in Azure allows an authorized attacker to elevate privileges over a network...
CVE-2025-30390
Improper authorization in Azure allows an authorized attacker to elevate privileges over a network...
CVE-2025-30390
CVE-2025-30390 affects Microsoft Azure Machine Learning Compute. Described as an improper authorization vulnerability that enables an authorized attacker to elevate privileges over a network. Root cause is improper authorization in Azure; impact is privilege escalation (high/critical). Exploitati...
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity
Microsoft launched its Cybersecurity Governance Council in 2024, and with it, named a group of deputy chief information security officers that ensure comprehensive oversight of the company's cybersecurity risk, defense, and compliance. These leaders work in tandem with product and engineering...
Tech Accelerator: Azure security and AI adoption
Are you looking for guidance on how to effectively integrate security best practices within your Azure and AI projects? We know the pace of technological innovation offers as many opportunities as it does challenges. However, security cannot be an afterthought as you create Azure deployments and...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49966)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49966 advisory. - In the Linux kernel, the following vulnerability has been resolved: ocfs2: cancel dqisyncwork before freeing...
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score
Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below - CVE-2025-21396 CVSS score: 7.5 - Microsoft Accou...
CVE-2024-38098
CVE-2024-38098 (Azure Connected Machine Agent Elevation of Privilege) affects the Azure Connected Machine Agent. Reported CVSSv3.1 base score 7.8 (LOCAL, LOW Privileges, NONE user interaction; Confidentiality/Integrity/Availability HIGH). Connected documents indicate an elevation-of-privilege fla...
Microsoft Open Management Infrastructure Security Vulnerability
Microsoft Open Management Infrastructure is a free, open source Common Information Model CIM management server from Microsoft. A security vulnerability exists in Microsoft Open Management Infrastructure. An attacker could exploit this vulnerability to gain elevated privileges. The following...
CVE-2023-36737
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability...