External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
Relative path traversal in Visual Studio Code allows an unauthorized attacker to disclose information locally.
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally.
Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network.
External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.
Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.
External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicio
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a network.
Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network.
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file s
Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally.
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network.