Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network.
Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.
Improper access control in Microsoft Teams allows an unauthorized attacker to disclose information over a network.
CVE-2026-33105
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.
Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.
Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-33844
CRITICAL CVSS 9.0
Find Similar
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.
CVE-2026-33109
CRITICAL CVSS 9.9
Find Similar
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.
CVE-2024-38194
CRITICAL CVSS 9.9
Find Similar
An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.
CVE-2026-35435
CRITICAL CVSS 10.0
Find Similar
Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.
Exposure of sensitive information to an unauthorized actor in Azure Data Factory allows an unauthorized attacker to disclose information over a network.
Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network.
Page 1+ Next →