Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network.
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network.
Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.
Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network.
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
Windows Local Spooler Remote Code Execution Vulnerability
Azure DevOps Server Remote Code Execution Vulnerability
A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized attacker to disclose information over a network.
Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network.
USB Audio Class System Driver Remote Code Execution Vulnerability
Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network.
Active Directory Domain Services Elevation of Privilege Vulnerability
Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network.
An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.
Server-side request forgery (ssrf) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network.
Microsoft SharePoint Server Remote Code Execution Vulnerability
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Active Directory Certificate Services Elevation of Privilege Vulnerability
Windows Group Policy Elevation of Privilege Vulnerability
Windows Workstation Service Elevation of Privilege Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft SQL Elevation of Privilege Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Microsoft SQL Server Remote Code Execution Vulnerability
Windows Enterprise App Management Service Remote Code Execution Vulnerability
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability
Active Directory Domain Services Elevation of Privilege Vulnerability
Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Microsoft SharePoint Server Remote Code Execution Vulnerability
Windows Kerberos Elevation of Privilege Vulnerability
Windows Server Service Tampering Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Active Directory Domain Services Elevation of Privilege Vulnerability
Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability