| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network. |
| Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
| Windows TCP/IP Remote Code Execution Vulnerability |
| Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability |
| Windows Network Virtualization Remote Code Execution Vulnerability |
| Windows Network Virtualization Remote Code Execution Vulnerability |
| Azure Stack Hub Spoofing Vulnerability |
| Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website. |
| Windows KDC Proxy Remote Code Execution Vulnerability |
| .NET and Visual Studio Remote Code Execution Vulnerability |
| Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network. |
| Azure CycleCloud Remote Code Execution Vulnerability |
| Microsoft Configuration Manager Remote Code Execution Vulnerability |
| Windows Netlogon Elevation of Privilege Vulnerability |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Linux and Microsoft Windows Octopus Server on Windows, Linux allows SQL Injection.This issue affects Octopus Server: from 2024.1.0 before 2024.1.13038, from 2024.2.0 before 2024.2.9482, from 2024.3.0 before 2024.3.12766. |
| CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh (incubating) V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send controlled message and
remote code execute via rabbitmq messages. Users can use the code under the master branch in project repo to fix this issue, we will release the new version as soon as possible. |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. This vulnerability has been patched in release 2024-01-01. |
| Microsoft Office app Remote Code Execution Vulnerability |
| Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network. |
