1006 matches found
CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability
...
EUVD-2026-35504
Improper limitation of a pathname to a restricted directory 'path traversal' in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally...
CVE-2026-45476 Microsoft Azure Network Adapter Elevation of Privilege Vulnerability
...
CVE-2026-45476 Microsoft Azure Network Adapter Elevation of Privilege Vulnerability
...
CVE-2026-45642 Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability
...
CVE-2026-45642 Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability
...
CLEANSTART-2026-ON25409 Security fixes for CVE-2026-25679, CVE-2026-27140, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289 applied in versions: 1.13.1-r1, 1.13.2-r0, 1.13.2-r1
Multiple security vulnerabilities affect the velero-plugin-for-microsoft-azure-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Introducing Wiz Cloud Cost: Powering Cost Management and Optimization with Context
Wiz unifies cloud and AI cost visibility to help teams eliminate waste and improve spend efficiency across their AWS, Azure, and GCP environments...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per...
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services AWS, Google Cloud, and Microsoft Azure to create a covert SMTP email relay network. "Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified f...
Microsoft Azure HorizonDB 安全漏洞
Microsoft Azure HorizonDB is a cloud-native PostgreSQL database service provided by Microsoft Corporation. There is a security vulnerability in Microsoft Azure HorizonDB, which stems from bypassing authentication through deception. This could allow unauthorized attackers to escalate their...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
CVE-2026-33843 Microsoft Azure Active Directory B2C Elevation of Privilege Vulnerability
...
Microsoft Azure Virtual Network Gateway 输入验证错误漏洞
Microsoft Azure Virtual Network Gateway is a cloud gateway service provided by Microsoft that supports VPN and cross-network connectivity. There is an input validation vulnerability in Microsoft Azure Virtual Network Gateway, which stems from improper input validation. This vulnerability may allo...
PT-2026-42841
Name of the Vulnerable Software and Affected Versions Microsoft Azure Active Directory B2C affected versions not specified Description An authentication bypass exists via an alternate path or channel, which allows an unauthorized attacker to elevate privileges over a network. Recommendations At t...
Microsoft Azure Portal Windows Admin Center 后置链接漏洞
Microsoft Azure Portal Windows Admin Center is a Windows server and hybrid cloud management platform integrated with the Azure Portal by Microsoft Corporation. There is a postback link vulnerability in Microsoft Azure Portal Windows Admin Center, which stems from improper link resolution before...