Search CVEs

Top 20 matches Showing top matches — use filters or a more specific query to narrow

CVE-2026-47280

CRITICAL CVSS 9.8

Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2026-45480

CRITICAL CVSS 10.0

Find Similar

Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2026-24304

HIGH CVSS 8.8

Find Similar

Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-42822

CRITICAL CVSS 10.0

Find Similar

Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2026-32174

HIGH CVSS 8.8

Find Similar

Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-24302

CRITICAL CVSS 9.8

Find Similar

Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2025-30390

HIGH CVSS 8.8

Find Similar

Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-48584

CRITICAL CVSS 9.9

Find Similar

Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.

CVE-2026-42834

HIGH CVSS 7.8

Find Similar

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-41086

HIGH CVSS 8.8

Find Similar

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-40381

HIGH CVSS 7.8

Find Similar

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-29827

HIGH CVSS 8.8

Find Similar

Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2024-38194

CRITICAL CVSS 9.9

Find Similar

An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.

microsoft

CVE-2025-49746

HIGH CVSS 8.8

Find Similar

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2024-38139

HIGH CVSS 8.8

Find Similar

Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-42823

CRITICAL CVSS 9.9

Find Similar

Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-42902

HIGH CVSS 7.8

Find Similar

Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-47179

MEDIUM CVSS 6.7

Find Similar

Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-24053

HIGH CVSS 7.2

Find Similar

Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-35438

HIGH CVSS 8.3

Find Similar

Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

microsoft

Page 1+ Next →