Lucene search
K

7 matches found

CVE
CVE
added 2020/10/16 10:17 p.m.155 views

CVE-2020-16943

CVE-2020-16943 affects Microsoft Dynamics 365 Commerce. An unauthenticated attacker could elevate privileges and update data by sending a specially crafted request; exploitation relies on bypassing/violating authorization checks. The issue is addressed by a security update that corrects how Dynam...

6.5CVSS6.5AI score0.011EPSS
CVE
CVE
added 2021/05/11 7:11 p.m.118 views

CVE-2021-28461

CVE-2021-28461 is a documented Cross-site Scripting (XSS) vulnerability affecting Microsoft Dynamics 365 for Finance and Operations. Connected sources confirm the flaw targets the Dynamics 365 for Finance and Operations web interface, enabling spoofing of the user interface and potential executio...

6.1CVSS6.1AI score0.01323EPSS
CVE
CVE
added 2023/12/12 6:10 p.m.75 views

CVE-2023-35621

CVE-2023-35621 is a Denial-of-Service vulnerability affecting Microsoft Dynamics 365 for Finance and Operations (on‑premises). The issue is exposed over the network and can be triggered remotely to impact availability; CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (base 7.5, HIGH). Connect...

7.5CVSS7.5AI score0.02339EPSS
CVE
CVE
added 2026/06/18 9:42 p.m.61 views

CVE-2026-47647

CVE-2026-47647 relates to Microsoft Dynamics 365 and involves an improper access control that enables an authorized attacker to perform a network-based privilege escalation. The CVSS 3.1 metrics indicate a high-severity, network-exposed issue with low attack complexity and low privileges required...

9.9CVSS5.3AI score0.00426EPSS
CVE
CVE
added 2025/06/20 1:4 a.m.43 views

CVE-2025-49715

CVE-2025-49715 relates to an information disclosure in Microsoft Dynamics 365 FastTrack Implementation Assets. Affected product: Dynamics 365 FastTrack Implementation Assets. The description states that private personal information can be exposed to an unauthorized actor over a network, indicatin...

7.5CVSS7.2AI score0.00685EPSS
CVE
CVE
added 2025/09/04 11:9 p.m.38 views

CVE-2025-55238

CVE-2025-55238 affects Microsoft Dynamics 365 FastTrack Implementation Assets. The connected sources describe an information disclosure vulnerability arising from an access control error, enabling leakage of asset information. No concrete exploit details, affected version ranges, or remediation/f...

7.5CVSS5.9AI score0.00764EPSS
CVE
CVE
added 2026/04/23 9:35 p.m.28 views

CVE-2026-32210

Technical details are not publicly available in the provided documents for CVE-2026-32210. Monitor for updates.

9.3CVSS5.8AI score0.00584EPSS