Search
Search Results (630 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49747 | 1 Microsoft | 1 Azure Machine Learning | 2026-02-13 | 9.9 Critical |
| Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-47981 | 1 Microsoft | 26 Windows, Windows 10, Windows 10 1507 and 23 more | 2026-02-13 | 9.8 Critical |
| Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-53767 | 1 Microsoft | 3 Azure, Azure Open-ai, Azure Openai | 2026-02-13 | 10 Critical |
| Azure OpenAI Elevation of Privilege Vulnerability | ||||
| CVE-2025-53792 | 1 Microsoft | 2 Azure, Azure Portal | 2026-02-13 | 9.1 Critical |
| Azure Portal Elevation of Privilege Vulnerability | ||||
| CVE-2025-53766 | 1 Microsoft | 29 Gdi+, Gdiplus, Office and 26 more | 2026-02-13 | 9.8 Critical |
| Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-50171 | 1 Microsoft | 12 Server, Windows, Windows 10 21h2 and 9 more | 2026-02-13 | 9.1 Critical |
| Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-50165 | 1 Microsoft | 6 Server, Windows, Windows 11 24h2 and 3 more | 2026-02-13 | 9.8 Critical |
| Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-53795 | 1 Microsoft | 1 Pc Manager | 2026-02-13 | 9.1 Critical |
| Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-53763 | 1 Microsoft | 2 Azure, Office Purview Data Governance | 2026-02-13 | 9.8 Critical |
| Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-55244 | 1 Microsoft | 3 Azure, Azure Ai Bot Service, Azure Bot Service | 2026-02-13 | 9 Critical |
| Azure Bot Service Elevation of Privilege Vulnerability | ||||
| CVE-2025-54914 | 1 Microsoft | 2 Azure, Azure Networking | 2026-02-13 | 10 Critical |
| Azure Networking Elevation of Privilege Vulnerability | ||||
| CVE-2025-55241 | 1 Microsoft | 2 Entra Id, Microsoft Entra Id | 2026-02-13 | 10 Critical |
| Azure Entra ID Elevation of Privilege Vulnerability | ||||
| CVE-2025-55232 | 1 Microsoft | 2 Hpc Pack, Microsoft Hpc Pack 2019 | 2026-02-13 | 9.8 Critical |
| Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-65037 | 1 Microsoft | 1 Azure Container Apps | 2026-02-13 | 10 Critical |
| Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-65041 | 1 Microsoft | 1 Partner Center | 2026-02-13 | 10 Critical |
| Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-64663 | 1 Microsoft | 2 Azure Cognitive Service For Language, Azure Language | 2026-02-13 | 9.9 Critical |
| Custom Question Answering Elevation of Privilege Vulnerability | ||||
| CVE-2024-43468 | 1 Microsoft | 4 Configuration Manager, Configuration Manager 2403, Configuration Manager 2409 and 1 more | 2026-02-13 | 9.8 Critical |
| Microsoft Configuration Manager Remote Code Execution Vulnerability | ||||
| CVE-2024-38164 | 1 Microsoft | 1 Groupme | 2026-02-10 | 9.6 Critical |
| An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link. | ||||
| CVE-2024-38076 | 1 Microsoft | 5 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 2 more | 2026-02-10 | 9.8 Critical |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | ||||
| CVE-2024-38074 | 1 Microsoft | 9 Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and 6 more | 2026-02-10 | 9.8 Critical |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | ||||