Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
5 CRITICAL12 HIGH2 MEDIUM1 LOW ⚡ 1 KEV
CVE-2024-49035
CRITICAL CVSS 9.8 KEV
Find Similar
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
microsoft
NVD RRF 0.016
CVE-2026-24303
CRITICAL CVSS 9.6
Find Similar
Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.016
CVE-2025-29814
HIGH CVSS 8.8
Find Similar
Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.016
CVE-2025-65041
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.016
CVE-2024-38182
CRITICAL CVSS 9.8
Find Similar
Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.
microsoft
NVD RRF 0.015
CVE-2024-38183
CRITICAL CVSS 9.8
Find Similar
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network.
microsoft
NVD RRF 0.015
CVE-2024-38139
HIGH CVSS 8.8
Find Similar
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.015
CVE-2024-43460
HIGH CVSS 8.8
Find Similar
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network.
microsoft
NVD RRF 0.015
CVE-2026-26119
HIGH CVSS 8.8
Find Similar
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.014
CVE-2025-24053
HIGH CVSS 7.2
Find Similar
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.014
CVE-2025-49731
LOW CVSS 3.1
Find Similar
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.014
CVE-2026-23660
HIGH CVSS 7.8
Find Similar
Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.013
CVE-2026-27914
HIGH CVSS 7.8
Find Similar
Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.013
CVE-2025-29826
HIGH CVSS 8.8
Find Similar
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.013
CVE-2026-34327
HIGH CVSS 8.2
Find Similar
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network.
microsoft
NVD RRF 0.013
CVE-2025-47179
MEDIUM CVSS 6.7
Find Similar
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.013
CVE-2025-62931
MEDIUM CVSS 4.3
Find Similar
Missing Authorization vulnerability in microsoftstart MSN Partner Hub microsoft-start allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MSN Partner Hub: from n
NVD RRF 0.013
Page 1+ Next →