5 matches found
CVE-2025-29807
CVE-2025-29807 is a remotely exploitable vulnerability affecting Microsoft Dataverse (and related Dynamics products) in which an attacker can trigger code execution by deserializing untrusted data. The issue is described as a Deserialization of untrusted data that allows an authorized attacker to...
CVE-2025-47732
CVE-2025-47732 is a Microsoft Dataverse remote code execution vulnerability caused by deserialization of untrusted data. The issue enables an authenticated attacker to run arbitrary code over the network. In the ENISA/NCSC and CVE listings, the impact is described as remote code execution with hi...
CVE-2025-24053
CVE-2025-24053 is linked to Microsoft Dataverse and is described as an improper authentication vulnerability that could allow an authenticated attacker to escalate privileges over the network. The vulnerability is documented across multiple feeds (NVD, Microsoft, Red Hat) with the same essence: e...
CVE-2024-38139
Microsoft Dataverse contains an elevation of privilege vulnerability due to improper authentication. An authorized attacker could elevate privileges over the network. Affected component/function is Dataverse authentication/auth checks. Underlying impact includes high confidentiality and integrity...
CVE-2025-29826
CVE-2025-29826 is reported as a Microsoft Dataverse elevation-of-privilege vulnerability caused by improper handling of permissions. The initial description and multiple connected sources consistently identify Microsoft Dataverse as the affected product and an authorization-based privilege escala...