Products
Azure
512 CVEs since tracking began. Latest: 2026-06.
Total CVEs
512
Critical
98
Important
408
Exploited
0
Publicly Disclosed
6
All CVEs for this product 512
| CVE | Title | Severity | CVSS | Component | Month | Exploited | Disclosed | Diffed |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-32174 | Azure Bot Service Elevation of Privilege Vulnerability | Critical | 7.7 |
Azure Bot Service | 2026-06 | - | - | - |
| CVE-2026-45480 | Azure Active Directory Elevation of Privilege Vulnerability | Critical | 10 |
Azure Active Directory | 2026-06 | - | - | - |
| CVE-2026-48584 | Microsoft Azure Synapse Elevation of Privilege Vulnerability | Critical | 9.9 |
Azure Synapse | 2026-06 | - | - | - |
| CVE-2026-32193 | Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Azure Kubernetes Service | 2026-06 | - | - | - |
| CVE-2026-41098 | Azure Stack Edge Spoofing Vulnerability | Important | 8.4 |
Azure Stack Edge | 2026-06 | - | - | - |
| CVE-2026-47643 | Azure Stack Edge Remote Code Execution Vulnerability | Important | 9.8 |
Azure Stack Edge | 2026-06 | - | - | - |
| CVE-2026-48567 | Azure HorizonDB Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure HorizonDB | 2026-06 | - | - | - |
| CVE-2026-40379 | Azure Entra ID Spoofing Vulnerability | Critical | 7.5 |
Azure Entra ID | 2026-05 | - | - | - |
| CVE-2026-32207 | Azure Machine Learning Notebook Spoofing Vulnerability | Critical | 6.1 |
Azure Machine Learning | 2026-05 | - | - | - |
| CVE-2026-33109 | Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability | Critical | 9.9 |
Azure Managed Instance for Apache Cassandra | 2026-05 | - | - | - |
| CVE-2026-40412 | Azure Orbital Spatio Remote Code Execution Vulnerability | Critical | 9.8 |
Azure Orbital Spatio | 2026-05 | - | - | - |
| CVE-2026-35430 | Azure Privileged Identity Management (PIM) Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Privileged Identity Management (PIM) | 2026-05 | - | - | - |
| CVE-2026-40411 | Azure Virtual Network Gateway Remote Code Execution Vulnerability | Critical | 8.8 |
Azure Virtual Network Gateway | 2026-05 | - | - | - |
| CVE-2026-47280 | Azure Resource Manager Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Resource Manager (ARM) | 2026-05 | - | - | - |
| CVE-2026-26147 | Azure Stack HCI Information Disclosure Vulnerability | Critical | 7.7 |
Azure Compute Gallery | 2026-05 | - | - | - |
| CVE-2026-33843 | Microsoft Azure Active Directory B2C Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Azure Active Directory B2C | 2026-05 | - | - | - |
| CVE-2026-32204 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Monitor Agent | 2026-05 | - | - | - |
| CVE-2026-33117 | Azure SDK for Java Security Feature Bypass Vulnerability | Important | 9.1 |
Azure SDK | 2026-05 | - | - | - |
| CVE-2026-33833 | Azure Machine Learning Notebook Spoofing Vulnerability | Important | 8.2 |
Azure Machine Learning | 2026-05 | - | - | - |
| CVE-2026-40370 | SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2026-05 | - | - | - |
| CVE-2026-41086 | Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability | Important | 8.8 |
Windows Admin Center | 2026-05 | - | - | - |
| CVE-2026-40381 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Connected Machine Agent | 2026-05 | - | - | - |
| CVE-2026-42823 | Azure Logic Apps Elevation of Privilege Vulnerability | Important | 9.9 |
Azure Logic Apps | 2026-05 | - | - | - |
| CVE-2026-42830 | Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Monitor Agent | 2026-05 | - | - | - |
| CVE-2026-42822 | Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability | Critical | 10 |
Azure Local Disconnected Operations | 2026-05 | - | - | - |
| CVE-2026-42834 | Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Portal Windows Admin Center | 2026-05 | - | - | - |
| CVE-2026-33844 | Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability | Critical | 9 |
Azure Managed Instance for Apache Cassandra | 2026-05 | - | - | - |
| CVE-2026-35428 | Azure Cloud Shell Spoofing Vulnerability | Critical | 9.6 |
Azure Cloud Shell | 2026-05 | - | - | - |
| CVE-2026-35435 | Azure AI Foundry Elevation of Privilege Vulnerability | Critical | 10 |
Azure AI Foundry M365 published agents | 2026-05 | - | - | - |
| CVE-2026-42826 | Azure DevOps Information Disclosure Vulnerability | Critical | 7.5 |
Azure DevOps | 2026-05 | - | - | - |
| CVE-2026-41105 | Azure Monitor Action Group Notification System Elevation of Privilege Vulnerability | Critical | 8.1 |
Azure Notification Service | 2026-05 | - | - | - |
| CVE-2026-23663 | Microsoft Global Secure Access (GSA) Information Disclosure Vulnerability | Critical | 7.5 |
Azure Entra ID | 2026-05 | - | - | - |
| CVE-2026-32167 | SQL Server Elevation of Privilege Vulnerability | Important | 7.8 |
SQL Server | 2026-04 | - | - | - |
| CVE-2026-32168 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Monitor Agent | 2026-04 | - | - | - |
| CVE-2026-32192 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Monitor Agent | 2026-04 | - | - | - |
| CVE-2026-33107 | Azure Databricks Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Databricks | 2026-04 | - | - | - |
| CVE-2026-32171 | Azure Logic Apps Elevation of Privilege Vulnerability | Important | 8.8 |
Azure Logic Apps | 2026-04 | - | - | - |
| CVE-2026-32176 | SQL Server Elevation of Privilege Vulnerability | Important | 7.8 |
SQL Server | 2026-04 | - | - | - |
| CVE-2026-32173 | Azure SRE Agent Information Disclosure Vulnerability | Critical | 7.5 |
Azure SRE Agent | 2026-04 | - | - | - |
| CVE-2026-21515 | Azure IoT Central Elevation of Privilege Vulnerability | Critical | 9.9 |
Azure IOT Central | 2026-04 | - | - | - |
| CVE-2026-26135 | Azure Custom Locations Resource Provider (RP) Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Custom Locations Resource Provider (RP) | 2026-04 | - | - | - |
| CVE-2026-32211 | Azure MCP Server Information Disclosure Vulnerability | Critical | 7.5 |
Azure MCP Server | 2026-04 | - | - | - |
| CVE-2026-32213 | Azure AI Foundry Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure AI Foundry | 2026-04 | - | - | - |
| CVE-2026-33105 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Azure Kubernetes Service | 2026-04 | - | - | - |
| CVE-2026-21262 | SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2026-03 | - | Yes | - |
| CVE-2026-23660 | Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Portal Windows Admin Center | 2026-03 | - | - | - |
| CVE-2026-23664 | Azure IoT Explorer Information Disclosure Vulnerability | Important | 7.5 |
Azure IoT Explorer | 2026-03 | - | - | - |
| CVE-2026-26121 | Azure IOT Explorer Spoofing Vulnerability | Important | 7.5 |
Azure IoT Explorer | 2026-03 | - | - | - |
| CVE-2026-26115 | SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2026-03 | - | - | - |
| CVE-2026-23651 | Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability | Critical | 6.7 |
Azure Compute Gallery | 2026-03 | - | - | - |
| CVE-2026-26124 | Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability | Critical | 6.7 |
Azure Compute Gallery | 2026-03 | - | - | - |
| CVE-2026-26122 | Microsoft ACI Confidential Containers Information Disclosure Vulnerability | Critical | 6.5 |
Azure Compute Gallery | 2026-03 | - | - | - |
| CVE-2026-26148 | Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability | Important | 8.1 |
Azure Entra ID | 2026-03 | - | - | - |
| CVE-2026-32169 | Azure Cloud Shell Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Cloud Shell | 2026-03 | - | - | - |
| CVE-2026-23658 | Azure DevOps: msazure Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure DevOps | 2026-03 | - | - | - |
| CVE-2026-23659 | Azure Data Factory Information Disclosure Vulnerability | Critical | 7.5 |
Azure Data Factory | 2026-03 | - | - | - |
| CVE-2026-23661 | Azure IoT Explorer Information Disclosure Vulnerability | Important | 7.5 |
Azure IoT Explorer | 2026-03 | - | - | - |
| CVE-2026-23662 | Azure IoT Explorer Information Disclosure Vulnerability | Important | 7.5 |
Azure IoT Explorer | 2026-03 | - | - | - |
| CVE-2026-23665 | Linux Azure Diagnostic extension (LAD) Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Linux Virtual Machines | 2026-03 | - | - | - |
| CVE-2026-26117 | Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Windows Virtual Machine Agent | 2026-03 | - | - | - |
| CVE-2026-26118 | Azure MCP Server Tools Elevation of Privilege Vulnerability | Important | 8.8 |
Azure MCP Server | 2026-03 | - | - | - |
| CVE-2026-26141 | Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Arc | 2026-03 | - | - | - |
| CVE-2026-21512 | Azure DevOps Server Cross-Site Scripting Vulnerability | Important | 6.5 |
Azure DevOps Server | 2026-02 | - | - | - |
| CVE-2026-23655 | Microsoft ACI Confidential Containers Information Disclosure Vulnerability | Critical | 6.5 |
Azure Compute Gallery | 2026-02 | - | - | - |
| CVE-2026-24300 | Azure Front Door Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Front Door (AFD) | 2026-02 | - | - | - |
| CVE-2026-21532 | Azure Function Information Disclosure Vulnerability | Critical | 8.2 |
Azure Function | 2026-02 | - | - | - |
| CVE-2026-21528 | Azure IoT Explorer Information Disclosure Vulnerability | Important | 6.5 |
Azure IoT Explorer | 2026-02 | - | - | - |
| CVE-2026-21531 | Azure SDK for Python Remote Code Execution Vulnerability | Important | 9.8 |
Azure SDK | 2026-02 | - | - | - |
| CVE-2026-21529 | Azure HDInsight Spoofing Vulnerability | Important | 5.4 |
Azure HDInsights | 2026-02 | - | - | - |
| CVE-2026-21228 | Azure Local Remote Code Execution Vulnerability | Important | 8.1 |
Azure Local | 2026-02 | - | - | - |
| CVE-2026-24302 | Azure Arc Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Arc | 2026-02 | - | - | - |
| CVE-2026-20965 | Windows Admin Center Elevation of Privilege Vulnerability | Important | 7.5 |
Windows Admin Center | 2026-01 | - | - | - |
| CVE-2026-21224 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Connected Machine Agent | 2026-01 | - | - | - |
| CVE-2026-21226 | Azure Core shared client library for Python Remote Code Execution Vulnerability | Important | 7.5 |
Azure Core shared client library for Python | 2026-01 | - | - | - |
| CVE-2026-24304 | Azure Resource Manager Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Resource Manager | 2026-01 | - | - | - |
| CVE-2026-24306 | Azure Front Door Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Front Door (AFD) | 2026-01 | - | - | - |
| CVE-2026-21524 | Azure Data Explorer Information Disclosure Vulnerability | Critical | 7.4 |
Azure Data Explorer | 2026-01 | - | - | - |
| CVE-2026-24305 | Azure Entra ID Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Entra ID | 2026-01 | - | - | - |
| CVE-2026-21227 | Azure Logic Apps Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Logic Apps | 2026-01 | - | - | - |
| CVE-2025-62550 | Azure Monitor Agent Remote Code Execution Vulnerability | Important | 8.8 |
Azure Monitor Agent | 2025-12 | - | - | - |
| CVE-2025-64663 | Custom Question Answering Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Cognitive Service for Language - Custom Question Answering | 2025-12 | - | - | - |
| CVE-2025-65037 | Azure Container Apps Remote Code Execution Vulnerability | Critical | 10 |
Azure Container Apps | 2025-12 | - | - | - |
| CVE-2025-64675 | Azure Cosmos DB Spoofing Vulnerability | Critical | 9.6 |
Azure Cosmos DB | 2025-12 | - | - | - |
| CVE-2025-59504 | Azure Monitor Agent Remote Code Execution Vulnerability | Important | 7.3 |
Azure Monitor Agent | 2025-11 | - | - | - |
| CVE-2025-62207 | Azure Monitor Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Monitor | 2025-11 | - | - | - |
| CVE-2025-59499 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2025-11 | - | - | - |
| CVE-2025-64657 | Azure Application Gateway Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Application Gateway | 2025-11 | - | - | - |
| CVE-2025-47989 | Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7 |
Azure Connected Machine Agent | 2025-10 | - | - | - |
| CVE-2025-59291 | Confidential Azure Container Instances Elevation of Privilege Vulnerability | Critical | 8.2 |
Confidential Azure Container Instances | 2025-10 | - | - | - |
| CVE-2025-59292 | Azure Compute Gallery Elevation of Privilege Vulnerability | Critical | 8.2 |
Confidential Azure Container Instances | 2025-10 | - | - | - |
| CVE-2025-59494 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Monitor Agent | 2025-10 | - | - | - |
| CVE-2025-58724 | Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Connected Machine Agent | 2025-10 | - | - | - |
| CVE-2025-59285 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 7 |
Azure Monitor Agent | 2025-10 | - | - | - |
| CVE-2025-59218 | Azure Entra ID Elevation of Privilege Vulnerability | Critical | 9.6 |
Azure Entra ID | 2025-10 | - | - | - |
| CVE-2025-59246 | Azure Entra ID Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Entra ID | 2025-10 | - | - | - |
| CVE-2025-59247 | Azure PlayFab Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure PlayFab | 2025-10 | - | - | - |
| CVE-2025-55321 | Azure Monitor Log Analytics Spoofing Vulnerability | Critical | 9.3 |
Azure Monitor | 2025-10 | - | - | - |
| CVE-2025-59273 | Azure Event Grid System Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Event Grid | 2025-10 | - | - | - |
| CVE-2025-59503 | Azure Compute Resource Provider Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Compute Gallery | 2025-10 | - | - | - |
| CVE-2025-59500 | Azure Notification Service Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Notification Service | 2025-10 | - | - | - |
| CVE-2025-49692 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Windows Virtual Machine Agent | 2025-09 | - | - | - |
| CVE-2025-55241 | Azure Entra Elevation of Privilege Vulnerability | Critical | 10 |
Azure Entra | 2025-09 | - | - | - |
| CVE-2025-54914 | Azure Networking Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure - Networking | 2025-09 | - | - | - |
| CVE-2025-55244 | Azure Bot Service Elevation of Privilege Vulnerability | Critical | 9 |
Azure Bot Service | 2025-09 | - | - | - |
| CVE-2025-55316 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Connected Machine Agent | 2025-09 | - | - | - |
| CVE-2025-47997 | Microsoft SQL Server Information Disclosure Vulnerability | Important | 5.3 |
SQL Server | 2025-09 | - | - | - |
| CVE-2025-55227 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2025-09 | - | - | - |
| CVE-2025-49758 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2025-08 | - | - | - |
| CVE-2025-53727 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2025-08 | - | - | - |
| CVE-2025-24999 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2025-08 | - | - | - |
| CVE-2025-53781 | Azure Virtual Machines Information Disclosure Vulnerability | Critical | 6.5 |
Azure Virtual Machines | 2025-08 | - | - | - |
| CVE-2025-49759 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2025-08 | - | - | - |
| CVE-2025-53765 | Azure Stack Hub Information Disclosure Vulnerability | Important | 5.5 |
Azure Stack | 2025-08 | - | - | - |
| CVE-2025-53793 | Azure Stack Hub Information Disclosure Vulnerability | Critical | 7.5 |
Azure Stack | 2025-08 | - | - | - |
| CVE-2025-53792 | Azure Portal Elevation of Privilege Vulnerability | Critical | 9.1 |
Azure Portal | 2025-08 | - | - | - |
| CVE-2025-53767 | Azure OpenAI Elevation of Privilege Vulnerability | Critical | 10 |
Azure OpenAI | 2025-08 | - | - | - |
| CVE-2025-49707 | Azure Virtual Machines Spoofing Vulnerability | Critical | 5.5 |
Azure Virtual Machines | 2025-08 | - | - | - |
| CVE-2025-53729 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Important | 7.8 |
Azure File Sync | 2025-08 | - | - | - |
| CVE-2025-21195 | Azure Service Fabric Runtime Elevation of Privilege Vulnerability | Important | 6 |
Service Fabric | 2025-07 | - | - | - |
| CVE-2025-49719 | Microsoft SQL Server Information Disclosure Vulnerability | Important | 7.5 |
SQL Server | 2025-07 | - | Yes | - |
| CVE-2025-49747 | Azure Machine Learning Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Machine Learning | 2025-07 | - | - | - |
| CVE-2025-49746 | Azure Machine Learning Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Machine Learning | 2025-07 | - | - | - |
| CVE-2025-47995 | Azure Machine Learning Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Machine Learning | 2025-07 | - | - | - |
| CVE-2025-47158 | Azure DevOps Server Elevation of Privilege Vulnerability | Critical | 9 |
Azure DevOps | 2025-07 | - | - | - |
| CVE-2025-47988 | Azure Monitor Agent Remote Code Execution Vulnerability | Important | 7.5 |
Azure Monitor Agent | 2025-07 | - | - | - |
| CVE-2025-29973 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Important | 7 |
Azure File Sync | 2025-05 | - | - | - |
| CVE-2025-30387 | Document Intelligence Studio On-Prem Elevation of Privilege Vulnerability | Important | 9.8 |
Azure | 2025-05 | - | - | - |
| CVE-2025-33072 | Microsoft msagsfeedback.azurewebsites.net Information Disclosure Vulnerability | Critical | 7.5 |
Azure | 2025-05 | - | - | - |
| CVE-2025-29972 | Azure Storage Resource Provider Spoofing Vulnerability | Critical | 9.8 |
Azure Storage Resource Provider | 2025-05 | - | - | - |
| CVE-2025-29827 | Azure Automation Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Automation | 2025-05 | - | - | - |
| CVE-2025-29813 | Azure DevOps Server Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure DevOps | 2025-05 | - | - | - |
| CVE-2025-25002 | Azure Local Cluster Information Disclosure Vulnerability | Important | 5.7 |
Azure Local Cluster | 2025-04 | - | - | - |
| CVE-2025-26628 | Azure Local Cluster Information Disclosure Vulnerability | Important | 5.5 |
Azure Local Cluster | 2025-04 | - | - | - |
| CVE-2025-27489 | Azure Local Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Local | 2025-04 | - | - | - |
| CVE-2025-29819 | Windows Admin Center in Azure Portal Information Disclosure Vulnerability | Important | 6.2 |
Azure Portal Windows Admin Center | 2025-04 | - | - | - |
| CVE-2025-30389 | Azure Bot Framework SDK Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Bot Framework SDK | 2025-04 | - | - | - |
| CVE-2025-33074 | Azure Functions Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Azure Functions | 2025-04 | - | - | - |
| CVE-2025-30390 | Azure ML Compute Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure | 2025-04 | - | - | - |
| CVE-2025-30392 | Azure AI bot Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Bot Framework SDK | 2025-04 | - | - | - |
| CVE-2025-21416 | Azure Virtual Desktop Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Virtual Desktop | 2025-04 | - | - | - |
| CVE-2025-24986 | Azure Promptflow Remote Code Execution Vulnerability | Important | 6.5 |
Azure PromptFlow | 2025-03 | - | - | - |
| CVE-2025-26683 | Azure Playwright Elevation of Privilege Vulnerability | Critical | 9.8 |
Azure Playwright | 2025-03 | - | - | - |
| CVE-2025-21384 | Azure Health Bot Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Health Bot | 2025-03 | - | - | - |
| CVE-2025-21199 | Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability | Important | 6.7 |
Azure Agent Installer | 2025-03 | - | - | - |
| CVE-2025-24049 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | Important | 8.4 |
Azure CLI | 2025-03 | - | - | - |
| CVE-2025-26627 | Azure Arc Installer Elevation of Privilege Vulnerability | Important | 7 |
Azure Arc | 2025-03 | - | - | - |
| CVE-2025-21188 | Azure Network Watcher VM Extension Elevation of Privilege Vulnerability | Important | 6 |
Azure Network Watcher | 2025-02 | - | - | - |
| CVE-2025-21415 | Azure AI Face Service Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure AI Face Service | 2025-01 | - | - | - |
| CVE-2025-21380 | Azure Marketplace SaaS Resources Information Disclosure Vulnerability | Critical | 6.5 |
Azure Marketplace SaaS Resources | 2025-01 | - | - | - |
| CVE-2024-43602 | Azure CycleCloud Remote Code Execution Vulnerability | Important | 9.9 |
Azure CycleCloud | 2024-11 | - | - | - |
| CVE-2024-38255 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-43459 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-43462 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-48994 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-48995 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-48996 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49042 | Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability | Important | 7.2 |
Azure Database for PostgreSQL | 2024-11 | - | - | - |
| CVE-2024-49043 | Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability | Important | 7.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49052 | Microsoft Azure PolicyWatch Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Azure Functions | 2024-11 | - | - | - |
| CVE-2024-43613 | Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability | Important | 7.2 |
Azure Database for PostgreSQL | 2024-11 | - | - | - |
| CVE-2024-48993 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-48997 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-48998 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-48999 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49000 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49001 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49002 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49003 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49004 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49005 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49007 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49006 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49008 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49009 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49010 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49011 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49012 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49013 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49014 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49015 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49016 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49017 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49018 | SQL Server Native Client Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49021 | Microsoft SQL Server Remote Code Execution Vulnerability | Important | 7.8 |
SQL Server | 2024-11 | - | - | - |
| CVE-2024-49060 | Azure Stack HCI Elevation of Privilege Vulnerability | Important | 8.8 |
Azure Stack | 2024-11 | - | - | - |
| CVE-2024-38097 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 7.1 |
Azure Monitor | 2024-10 | - | - | - |
| CVE-2024-38179 | Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability | Important | 8.8 |
Azure Stack | 2024-10 | - | - | - |
| CVE-2024-43480 | Azure Service Fabric for Linux Remote Code Execution Vulnerability | Important | 6.6 |
Service Fabric | 2024-10 | - | - | - |
| CVE-2024-43591 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | Important | 9.1 |
Azure CLI | 2024-10 | - | - | - |
| CVE-2024-38216 | Azure Stack Hub Elevation of Privilege Vulnerability | Critical | 9 |
Azure Stack | 2024-09 | - | - | - |
| CVE-2024-38220 | Azure Stack Hub Elevation of Privilege Vulnerability | Critical | 9 |
Azure Stack | 2024-09 | - | - | - |
| CVE-2024-38188 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Important | 7.1 |
Azure Network Watcher | 2024-09 | - | - | - |
| CVE-2024-37965 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2024-09 | - | - | - |
| CVE-2024-37341 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 9.8 |
SQL Server | 2024-09 | - | - | - |
| CVE-2024-43469 | Azure CycleCloud Remote Code Execution Vulnerability | Important | 8.8 |
Azure CycleCloud | 2024-09 | - | - | - |
| CVE-2024-43470 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Important | 7.3 |
Azure Network Watcher | 2024-09 | - | - | - |
| CVE-2024-38194 | Azure Web Apps Elevation of Privilege Vulnerability | Critical | 9.9 |
Azure Web Apps | 2024-09 | - | - | - |
| CVE-2024-37980 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 9.8 |
SQL Server | 2024-09 | - | - | - |
| CVE-2024-38108 | Azure Stack Hub Spoofing Vulnerability | Important | 9.3 |
Azure Stack | 2024-08 | - | - | - |
| CVE-2024-38201 | Azure Stack Hub Elevation of Privilege Vulnerability | Important | 7 |
Azure Stack | 2024-08 | - | - | - |
| CVE-2024-38098 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Connected Machine Agent | 2024-08 | - | - | - |
| CVE-2024-38157 | Azure IoT SDK Remote Code Execution Vulnerability | Important | 7 |
Azure IoT SDK | 2024-08 | - | - | - |
| CVE-2024-38158 | Azure IoT SDK Remote Code Execution Vulnerability | Important | 7 |
Azure IoT SDK | 2024-08 | - | - | - |
| CVE-2024-38162 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Connected Machine Agent | 2024-08 | - | - | - |
| CVE-2024-38195 | Azure CycleCloud Remote Code Execution Vulnerability | Important | 7.8 |
Azure CycleCloud | 2024-08 | - | - | - |
| CVE-2024-38109 | Azure Health Bot Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Health Bot | 2024-08 | - | - | - |
| CVE-2024-38175 | Azure Managed Instance for Apache Cassandra Elevation of Privilege Vulnerability | Critical | 8.8 |
Azure Managed Instance for Apache Cassandra | 2024-08 | - | - | - |
| CVE-2024-38088 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-38087 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21332 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21333 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21335 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21373 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21398 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21414 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21415 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21428 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37318 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37332 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37331 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-38086 | Azure Kinect SDK Remote Code Execution Vulnerability | Important | 6.4 |
Azure Kinect SDK | 2024-07 | - | - | - |
| CVE-2024-35261 | Azure Network Watcher VM Extension Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Network Watcher | 2024-07 | - | - | - |
| CVE-2024-35266 | Azure DevOps Server Spoofing Vulnerability | Important | 7.6 |
Azure DevOps | 2024-07 | - | - | - |
| CVE-2024-35267 | Azure DevOps Server Spoofing Vulnerability | Important | 7.6 |
Azure DevOps | 2024-07 | - | - | - |
| CVE-2024-35271 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-35272 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-20701 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21303 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21308 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21317 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21331 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21425 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37319 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37320 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37321 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37322 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37323 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37324 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-21449 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37326 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37327 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37328 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37329 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37330 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37333 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-37336 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-28928 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-35256 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - | - |
| CVE-2024-38092 | Azure CycleCloud Elevation of Privilege Vulnerability | Important | 8.8 |
Azure CycleCloud | 2024-07 | - | - | - |
| CVE-2024-35255 | Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability | Important | 5.5 |
Azure SDK | 2024-06 | - | - | - |
| CVE-2024-35252 | Azure Storage Movement Client Library Denial of Service Vulnerability | Important | 7.5 |
Azure Storage Library | 2024-06 | - | - | - |
| CVE-2024-35253 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Important | 4.4 |
Azure File Sync | 2024-06 | - | - | - |
| CVE-2024-35254 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 7.1 |
Azure Monitor | 2024-06 | - | - | - |
| CVE-2024-37325 | Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability | Important | 8.1 |
Azure Data Science Virtual Machines | 2024-06 | - | - | - |
| CVE-2024-0985 | Unknown | Unknown | 8 |
Mariner | 2024-06 | - | - | - |
| CVE-2024-30053 | Azure Migrate Cross-Site Scripting Vulnerability | Important | 5.4 |
Azure Migrate | 2024-05 | - | - | - |
| CVE-2024-30060 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Monitor | 2024-05 | - | Yes | - |
| CVE-2024-26193 | Azure Migrate Remote Code Execution Vulnerability | Important | 6.4 |
Azure Migrate | 2024-04 | - | - | - |
| CVE-2024-21424 | Azure Compute Gallery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Compute Gallery | 2024-04 | - | - | - |
| CVE-2024-29063 | Azure AI Search Information Disclosure Vulnerability | Important | 5.5 |
Azure AI Search | 2024-04 | - | - | - |
| CVE-2024-20685 | Azure Private 5G Core Denial of Service Vulnerability | Moderate | 5.9 |
Azure Private 5G Core | 2024-04 | - | - | - |
| CVE-2024-29990 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | Important | 9 |
Microsoft Azure Kubernetes Service | 2024-04 | - | - | - |
| CVE-2024-28917 | Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability | Important | 6.2 |
Azure Arc | 2024-04 | - | - | - |
| CVE-2024-29989 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important | 8.4 |
Azure Monitor | 2024-04 | - | - | - |
| CVE-2024-29992 | Azure Identity Library for .NET Information Disclosure Vulnerability | Moderate | 5.5 |
Azure SDK | 2024-04 | - | - | - |
| CVE-2024-29993 | Azure CycleCloud Elevation of Privilege Vulnerability | Important | 8.8 |
Azure | 2024-04 | - | - | - |
| CVE-2024-21421 | Azure SDK Spoofing Vulnerability | Important | 7.5 |
Azure SDK | 2024-03 | - | - | - |
| CVE-2024-26203 | Azure Data Studio Elevation of Privilege Vulnerability | Important | 7.3 |
Azure Data Studio | 2024-03 | - | - | - |
| CVE-2024-21400 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | Important | 9 |
Microsoft Azure Kubernetes Service | 2024-03 | - | - | - |
| CVE-2024-21330 | Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | Important | 7.8 |
Open Management Infrastructure | 2024-03 | - | - | - |
| CVE-2024-21329 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.3 |
Azure Connected Machine Agent | 2024-02 | - | - | - |
| CVE-2024-21381 | Microsoft Azure Active Directory B2C Spoofing Vulnerability | Important | 6.8 |
Azure Active Directory | 2024-02 | - | - | - |
| CVE-2024-20667 | Azure DevOps Server Remote Code Execution Vulnerability | Important | 7.5 |
Azure DevOps | 2024-02 | - | - | - |
| CVE-2024-20679 | Azure Stack Hub Spoofing Vulnerability | Important | 6.5 |
Azure Stack | 2024-02 | - | - | - |
| CVE-2024-21364 | Microsoft Azure Site Recovery Elevation of Privilege Vulnerability | Moderate | 9.3 |
Azure Site Recovery | 2024-02 | - | - | - |
| CVE-2024-21376 | Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability | Important | 9 |
Microsoft Azure Kubernetes Service | 2024-02 | - | - | - |
| CVE-2024-21397 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Important | 5.3 |
Azure File Sync | 2024-02 | - | - | - |
| CVE-2024-21403 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | Important | 9 |
Microsoft Azure Kubernetes Service | 2024-02 | - | - | - |
| CVE-2024-20676 | Azure Storage Mover Remote Code Execution Vulnerability | Important | 8 |
Azure Storage Mover | 2024-01 | - | - | - |
| CVE-2023-35625 | Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability | Important | 4.7 |
Azure Machine Learning | 2023-12 | - | - | - |
| CVE-2023-36019 | Microsoft Power Platform Connector Spoofing Vulnerability | Critical | 7.4 |
Microsoft Power Platform Connector | 2023-12 | - | - | - |
| CVE-2023-35624 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important | 7.3 |
Azure Connected Machine Agent | 2023-12 | - | - | - |
| CVE-2023-21751 | Azure DevOps Server Spoofing Vulnerability | Important | 6.5 |
Azure DevOps | 2023-12 | - | - | - |
| CVE-2023-36437 | Azure DevOps Server Remote Code Execution Vulnerability | Important | 8.8 |
Azure DevOps | 2023-11 | - | - | - |
| CVE-2023-36737 | Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | Important | 7.8 |
Azure | 2023-10 | - | - | - |
| CVE-2023-36728 | Microsoft SQL Server Denial of Service Vulnerability | Important | 5.5 |
SQL Server | 2023-10 | - | - | - |
| CVE-2023-36561 | Azure DevOps Server Elevation of Privilege Vulnerability | Important | 7.3 |
Azure DevOps | 2023-10 | - | - | - |
| CVE-2023-36419 | Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability | Important | 9.8 |
Azure | 2023-10 | - | - | - |
| CVE-2023-36415 | Azure Identity SDK Remote Code Execution Vulnerability | Important | 8.8 |
Azure SDK | 2023-10 | - | - | - |
| CVE-2023-36414 | Azure Identity SDK Remote Code Execution Vulnerability | Important | 8.8 |
Azure SDK | 2023-10 | - | - | - |
| CVE-2023-36418 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2023-10 | - | - | - |
| CVE-2023-29332 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Azure Kubernetes Service | 2023-09 | - | - | - |
| CVE-2023-33136 | Azure DevOps Server Remote Code Execution Vulnerability | Important | 8.8 |
Azure DevOps | 2023-09 | - | - | - |
| CVE-2023-38156 | Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability | Important | 7.2 |
Azure HDInsights | 2023-09 | - | - | - |
| CVE-2023-38155 | Azure DevOps Server Remote Code Execution Vulnerability | Important | 8.1 |
Azure DevOps | 2023-09 | - | - | - |
| CVE-2023-35393 | Azure Apache Hive Spoofing Vulnerability | Important | 4.5 |
Azure HDInsights | 2023-08 | - | - | - |
| CVE-2023-35394 | Azure HDInsight Jupyter Notebook Spoofing Vulnerability | Important | 4.6 |
Azure HDInsights | 2023-08 | - | - | - |
| CVE-2023-38188 | Azure Apache Hadoop Spoofing Vulnerability | Important | 4.5 |
Azure HDInsights | 2023-08 | - | - | - |
| CVE-2023-36877 | Azure Apache Oozie Spoofing Vulnerability | Important | 4.5 |
Azure HDInsights | 2023-08 | - | - | - |
| CVE-2023-36881 | Azure Apache Ambari Spoofing Vulnerability | Important | 4.5 |
Azure HDInsights | 2023-08 | - | - | - |
| CVE-2023-36869 | Azure DevOps Server Spoofing Vulnerability | Important | 6.3 |
Azure DevOps | 2023-08 | - | - | - |
| CVE-2023-38176 | Azure Arc-Enabled Servers Elevation of Privilege Vulnerability | Important | 7 |
Azure Arc | 2023-08 | - | - | - |
| CVE-2023-36868 | Azure Service Fabric on Windows Information Disclosure Vulnerability | Important | 6.5 |
Service Fabric | 2023-07 | - | - | - |
| CVE-2023-21569 | Azure DevOps Server Spoofing Vulnerability | Important | 5.5 |
Azure DevOps | 2023-06 | - | - | - |
| CVE-2023-21565 | Azure DevOps Server Spoofing Vulnerability | Important | 7.1 |
Azure DevOps | 2023-06 | - | - | - |
| CVE-2023-23384 | Microsoft SQL Server Remote Code Execution Vulnerability | Important | 7.3 |
SQL Server | 2023-04 | - | - | - |
| CVE-2023-28300 | Azure Service Connector Security Feature Bypass Vulnerability | Important | 7.5 |
Azure Service Connector | 2023-04 | - | - | - |
| CVE-2023-28312 | Azure Machine Learning Information Disclosure Vulnerability | Important | 6.5 |
Azure Machine Learning | 2023-04 | - | - | - |
| CVE-2023-23383 | Service Fabric Explorer Spoofing Vulnerability | Important | 4.7 |
Service Fabric | 2023-03 | - | - | - |
| CVE-2023-23408 | Azure Apache Ambari Spoofing Vulnerability | Important | 4.5 |
Azure | 2023-03 | - | - | - |
| CVE-2023-21553 | Azure DevOps Server Remote Code Execution Vulnerability | Important | 7.5 |
Azure DevOps | 2023-02 | - | - | - |
| CVE-2023-21777 | Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability | Important | 8.7 |
Azure App Service | 2023-02 | - | - | - |
| CVE-2023-21704 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Important | 7.8 |
SQL Server | 2023-02 | - | - | - |
| CVE-2023-21705 | Microsoft SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2023-02 | - | - | - |
| CVE-2023-21718 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | Important | 7.8 |
SQL Server | 2023-02 | - | - | - |
| CVE-2023-21528 | Microsoft SQL Server Remote Code Execution Vulnerability | Important | 7.8 |
SQL Server | 2023-02 | - | - | - |
| CVE-2023-23382 | Azure Machine Learning Compute Instance Information Disclosure Vulnerability | Important | 6.5 |
Azure Machine Learning | 2023-02 | - | - | - |
| CVE-2023-21703 | Azure Data Box Gateway Remote Code Execution Vulnerability | Important | 7.2 |
Azure Data Box Gateway | 2023-02 | - | - | - |
| CVE-2023-21713 | Microsoft SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2023-02 | - | - | - |
| CVE-2023-21564 | Azure DevOps Server Cross-Site Scripting Vulnerability | Important | 7.1 |
Azure DevOps | 2023-02 | - | - | - |
| CVE-2023-21531 | Azure Service Fabric Container Elevation of Privilege Vulnerability | Important | 7 |
Azure Service Fabric Container | 2023-01 | - | - | - |
| CVE-2022-44699 | Azure Network Watcher Agent Security Feature Bypass Vulnerability | Important | 5.5 |
Azure | 2022-12 | - | - | - |
| CVE-2022-38014 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | Important | 7 |
Linux Kernel | 2022-11 | - | - | - |
| CVE-2022-41085 | Azure CycleCloud Elevation of Privilege Vulnerability | Important | 7.5 |
Azure | 2022-11 | - | - | - |
| CVE-2022-41051 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-11 | - | - | - |
| CVE-2022-37968 | Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability | Critical | 10 |
Azure Arc | 2022-10 | - | - | - |
| CVE-2022-35829 | Service Fabric Explorer Spoofing Vulnerability | Important | 4.8 |
Service Fabric | 2022-10 | - | - | - |
| CVE-2022-38017 | StorSimple 8000 Series Elevation of Privilege Vulnerability | Important | 6.8 |
Azure | 2022-10 | - | - | - |
| CVE-2022-38007 | Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Arc | 2022-09 | - | - | - |
| CVE-2022-30175 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-08 | - | - | - |
| CVE-2022-30176 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-08 | - | - | - |
| CVE-2022-33646 | Azure Batch Node Agent Elevation of Privilege Vulnerability | Critical | 7 |
Azure Batch Node Agent | 2022-08 | - | - | - |
| CVE-2022-34685 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important | 5.5 |
Azure Real Time Operating System | 2022-08 | - | - | - |
| CVE-2022-34686 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important | 5.5 |
Azure Real Time Operating System | 2022-08 | - | - | - |
| CVE-2022-34687 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-08 | - | - | - |
| CVE-2022-35773 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-08 | - | - | - |
| CVE-2022-35776 | Azure Site Recovery Denial of Service Vulnerability | Important | 6.2 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35802 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 8.1 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35780 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35781 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35772 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35799 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35774 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35800 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35775 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35801 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35779 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-08 | - | - | - |
| CVE-2022-35806 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-08 | - | - | - |
| CVE-2022-35807 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35808 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35782 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35809 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35783 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.4 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35784 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35810 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35811 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35785 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35812 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35786 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35787 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35813 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35788 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35814 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35789 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35815 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35790 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35816 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35817 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35791 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35818 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35819 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-35821 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 |
Azure Sphere | 2022-08 | - | - | - |
| CVE-2022-35824 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-08 | - | - | - |
| CVE-2022-33641 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33642 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33643 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-30181 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-30187 | Azure Storage Library Information Disclosure Vulnerability | Important | 4.7 |
Azure Storage Library | 2022-07 | - | - | - |
| CVE-2022-33650 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33651 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33652 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33653 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33654 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33655 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33656 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33657 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33658 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33659 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33660 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33661 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33662 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33663 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33664 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33665 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33666 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33667 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33668 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33669 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33671 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33672 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33673 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33674 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 8.3 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33675 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33676 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33677 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-33678 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-07 | - | - | - |
| CVE-2022-35798 | Azure Arc Jumpstart Information Disclosure Vulnerability | Moderate | 3.3 |
Azure Arc Jumpstart | 2022-07 | - | - | - |
| CVE-2022-30137 | Azure Service Fabric Container Elevation of Privilege Vulnerability | Important | 6.7 |
Azure Service Fabric Container | 2022-06 | - | - | - |
| CVE-2022-30177 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-06 | - | - | - |
| CVE-2022-30178 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-06 | - | - | - |
| CVE-2022-30179 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-06 | - | - | - |
| CVE-2022-30180 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important | 7.8 |
Azure Real Time Operating System | 2022-06 | - | - | - |
| CVE-2022-29143 | Microsoft SQL Server Remote Code Execution Vulnerability | Important | 7.5 |
SQL Server | 2022-06 | - | - | - |
| CVE-2022-29149 | Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | Important | 7.8 |
Azure OMI | 2022-06 | - | - | - |
| CVE-2022-26896 | Azure Site Recovery Information Disclosure Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-04 | - | - | - |
| CVE-2022-26897 | Azure Site Recovery Information Disclosure Vulnerability | Important | 4.9 |
Azure Site Recovery | 2022-04 | - | - | - |
| CVE-2022-26898 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-04 | - | - | - |
| CVE-2022-26907 | Azure SDK for .NET Information Disclosure Vulnerability | Important | 5.3 |
Azure SDK | 2022-04 | - | - | - |
| CVE-2022-24506 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-24515 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-24467 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-23278 | Microsoft Defender for Endpoint Spoofing Vulnerability | Important | 5.9 |
Microsoft Defender for Endpoint | 2022-03 | - | - | - |
| CVE-2022-24468 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-24469 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 8.1 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-24517 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-24470 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-24518 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-24519 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-24471 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-24520 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 |
Azure Site Recovery | 2022-03 | - | - | - |
| CVE-2022-23256 | Azure Data Explorer Spoofing Vulnerability | Important | 4.3 |
Azure Data Explorer | 2022-02 | - | - | - |
| CVE-2021-42300 | Azure Sphere Tampering Vulnerability | Important | 6 |
Azure Sphere | 2021-11 | - | - | - |
| CVE-2021-42301 | Azure RTOS Information Disclosure Vulnerability | Important | 3.3 |
Azure Real Time Operating System | 2021-11 | - | - | - |
| CVE-2021-42302 | Azure RTOS Elevation of Privilege Vulnerability | Important | 6.6 |
Azure Real Time Operating System | 2021-11 | - | - | - |
| CVE-2021-42303 | Azure RTOS Elevation of Privilege Vulnerability | Important | 6.6 |
Azure Real Time Operating System | 2021-11 | - | - | - |
| CVE-2021-42304 | Azure RTOS Elevation of Privilege Vulnerability | Important | 6.6 |
Azure Real Time Operating System | 2021-11 | - | - | - |
| CVE-2021-41374 | Azure Sphere Information Disclosure Vulnerability | Important | 6.7 |
Azure Sphere | 2021-11 | - | - | - |
| CVE-2021-41375 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 |
Azure Sphere | 2021-11 | - | - | - |
| CVE-2021-41376 | Azure Sphere Information Disclosure Vulnerability | Important | 2.3 |
Azure Sphere | 2021-11 | - | - | - |
| CVE-2021-42323 | Azure RTOS Information Disclosure Vulnerability | Important | 3.3 |
Azure Real Time Operating System | 2021-11 | - | - | - |
| CVE-2021-26444 | Azure RTOS Information Disclosure Vulnerability | Important | 3.3 |
Azure Real Time Operating System | 2021-11 | - | - | - |
| CVE-2021-42306 | Azure Active Directory Information Disclosure Vulnerability | Important | 8.1 |
Azure | 2021-11 | - | - | - |
| CVE-2021-38645 | Open Management Infrastructure Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Open Management Infrastructure | 2021-09 | - | - | - |
| CVE-2021-38647 | Open Management Infrastructure Remote Code Execution Vulnerability | Critical | 9.8 |
Azure Open Management Infrastructure | 2021-09 | - | - | - |
| CVE-2021-38648 | Open Management Infrastructure Elevation of Privilege Vulnerability | Important | 7.8 |
Azure Open Management Infrastructure | 2021-09 | - | - | - |
| CVE-2021-38649 | Open Management Infrastructure Elevation of Privilege Vulnerability | Important | 7 |
Azure Open Management Infrastructure | 2021-09 | - | - | - |
| CVE-2021-36956 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 |
Azure Sphere | 2021-09 | - | - | - |
| CVE-2021-33762 | Azure CycleCloud Elevation of Privilege Vulnerability | Important | 7 |
Azure | 2021-08 | - | - | - |
| CVE-2021-26428 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 |
Azure Sphere | 2021-08 | - | - | - |
| CVE-2021-26429 | Azure Sphere Elevation of Privilege Vulnerability | Important | 7.7 |
Azure Sphere | 2021-08 | - | - | - |
| CVE-2021-26430 | Azure Sphere Denial of Service Vulnerability | Important | 6 |
Azure Sphere | 2021-08 | - | - | - |
| CVE-2021-36949 | Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability | Important | 7.1 |
Microsoft Azure Active Directory Connect | 2021-08 | - | - | - |
| CVE-2021-36943 | Azure CycleCloud Elevation of Privilege Vulnerability | Important | 4 |
Azure | 2021-08 | - | - | - |
| CVE-2021-27067 | Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability | Important | 6.5 |
Azure DevOps | 2021-04 | - | - | - |
| CVE-2021-28458 | Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability | Important | 7.8 |
Open Source Software | 2021-04 | - | Yes | - |
| CVE-2021-28459 | Azure DevOps Server Spoofing Vulnerability | Important | 6.1 |
Azure DevOps | 2021-04 | - | - | - |
| CVE-2021-28460 | Azure Sphere Unsigned Code Execution Vulnerability | Critical | 8.1 |
Azure Sphere | 2021-04 | - | - | - |
| CVE-2021-24087 | Azure IoT CLI extension Elevation of Privilege Vulnerability | Important | 7 |
Azure IoT | 2021-03 | - | - | - |
| CVE-2021-24109 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | Moderate | 6.8 |
Microsoft Azure Kubernetes Service | 2021-03 | - | - | - |
| CVE-2021-1677 | Azure Active Directory Pod Identity Spoofing Vulnerability | Important | 5.5 |
Azure Active Directory Pod Identity | 2021-01 | - | - | - |
| CVE-2020-17135 | Azure DevOps Server Spoofing Vulnerability | Important | 6.4 |
Azure DevOps | 2020-12 | - | - | - |
| CVE-2020-16971 | Azure SDK for Java Security Feature Bypass Vulnerability | Important | 7.4 |
Azure SDK | 2020-12 | - | - | - |
| CVE-2020-17002 | Azure SDK for C Security Feature Bypass Vulnerability | Important | 7.4 |
Azure DevOps | 2020-12 | - | - | - |
| CVE-2020-17145 | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | Important | 5.4 |
Azure DevOps | 2020-12 | - | - | - |
| CVE-2020-16970 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 8.1 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16981 | Azure Sphere Elevation of Privilege Vulnerability | Important | 6.1 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16982 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 6.1 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16983 | Azure Sphere Tampering Vulnerability | Important | 5.7 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16984 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 7.3 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16985 | Azure Sphere Information Disclosure Vulnerability | Important | 6.2 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16986 | Azure Sphere Denial of Service Vulnerability | Important | 6.2 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16987 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 7.3 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16988 | Azure Sphere Elevation of Privilege Vulnerability | Critical | 6.9 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16989 | Azure Sphere Elevation of Privilege Vulnerability | Important | 5.4 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16990 | Azure Sphere Information Disclosure Vulnerability | Important | 6.2 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16991 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 7.3 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16992 | Azure Sphere Elevation of Privilege Vulnerability | Important | 7.5 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16994 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 7.3 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-16993 | Azure Sphere Elevation of Privilege Vulnerability | Important | 5.4 |
Azure Sphere | 2020-11 | - | - | - |
| CVE-2020-1325 | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | Important | 5.4 |
Azure DevOps | 2020-11 | - | - | - |
| CVE-2020-16904 | Azure Functions Elevation of Privilege Vulnerability | Important | 5.3 |
Azure | 2020-10 | - | - | - |
| CVE-2020-1416 | Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability | Important | 8.8 |
Visual Studio | 2020-07 | - | - | - |
| CVE-2020-1326 | Azure DevOps Server Cross-site Scripting Vulnerability | Important | 5.4 |
Azure DevOps | 2020-07 | - | - | - |
| CVE-2020-1327 | Azure DevOps Server HTML Injection Vulnerability | Important | 6.1 |
Azure DevOps | 2020-06 | - | - | - |
| CVE-2020-0700 | Azure DevOps Server Cross-site Scripting Vulnerability | Important | 5.4 |
Azure DevOps | 2020-03 | - | - | - |
| CVE-2020-0758 | Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability | Important | 7.5 |
Azure DevOps | 2020-03 | - | - | - |
| CVE-2020-0815 | Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability | Important | 7.5 |
Azure DevOps | 2020-03 | - | - | - |
| CVE-2019-1234 | Azure Stack Spoofing Vulnerability | Important | 7.5 |
Azure Stack | 2019-11 | - | - | - |
| CVE-2019-1372 | Azure Stack Remote Code Execution Vulnerability | Critical | 10 |
Azure | 2019-10 | - | - | - |
| CVE-2019-1305 | Team Foundation Server Cross-site Scripting Vulnerability | Important | 5.4 |
Team Foundation Server | 2019-09 | - | - | - |
| CVE-2019-1306 | Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability | Critical | 9.8 |
Team Foundation Server | 2019-09 | - | - | - |
| CVE-2019-1072 | Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability | Critical | 9.8 |
Azure DevOps | 2019-07 | - | - | - |
| CVE-2018-15664 | Docker Elevation of Privilege Vulnerability | Important | - | Open Source Software | 2019-07 | - | Yes | - |
| CVE-2019-1076 | Team Foundation Server Cross-site Scripting Vulnerability | Important | 5.4 |
Azure DevOps | 2019-07 | - | - | - |
| CVE-2019-0962 | Azure Automation Elevation of Privilege Vulnerability | Important | 4.9 |
Azure | 2019-07 | - | Yes | - |
| CVE-2019-0996 | Azure DevOps Server Spoofing Vulnerability | Important | 6.5 |
Team Foundation Server | 2019-06 | - | - | - |
| CVE-2019-0971 | Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability | Important | 6.5 |
Team Foundation Server | 2019-05 | - | - | - |
| CVE-2019-0872 | Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | Important | 5.4 |
Team Foundation Server | 2019-05 | - | - | - |
| CVE-2019-0979 | Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | Important | 5.4 |
Team Foundation Server | 2019-05 | - | - | - |
| CVE-2019-1000 | Microsoft Azure AD Connect Elevation of Privilege Vulnerability | Important | 5.3 |
Azure | 2019-05 | - | - | - |
| CVE-2019-0857 | Azure DevOps Server Spoofing Vulnerability | Important | 6.5 |
Team Foundation Server | 2019-04 | - | - | - |
| CVE-2019-0866 | Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | Important | 6.1 |
Team Foundation Server | 2019-04 | - | - | - |
| CVE-2019-0867 | Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | Important | 6.1 |
Team Foundation Server | 2019-04 | - | - | - |
| CVE-2019-0868 | Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | Important | 6.1 |
Team Foundation Server | 2019-04 | - | - | - |
| CVE-2019-0869 | Azure DevOps Server HTML Injection Vulnerability | Important | 6.1 |
Team Foundation Server | 2019-04 | - | - | - |
| CVE-2019-0870 | Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | Important | 6.1 |
Team Foundation Server | 2019-04 | - | - | - |
| CVE-2019-0871 | Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability | Important | 6.1 |
Team Foundation Server | 2019-04 | - | - | - |
| CVE-2019-0874 | Azure DevOps Server Cross-site Scripting Vulnerability | Important | 6.1 |
Team Foundation Server | 2019-04 | - | - | - |
| CVE-2019-0875 | Azure DevOps Server Elevation of Privilege Vulnerability | Important | 7.5 |
Team Foundation Server | 2019-04 | - | - | - |
| CVE-2019-0804 | Azure Linux Agent Information Disclosure Vulnerability | Important | 6.5 |
Azure | 2019-03 | - | - | - |
| CVE-2019-0729 | Azure IoT Java SDK Elevation of Privilege Vulnerability | Important | 9.8 |
Azure | 2019-02 | - | - | - |
| CVE-2019-0741 | Azure IoT Java SDK Information Disclosure Vulnerability | Important | 7.5 |
Azure | 2019-02 | - | - | - |
Threat Categories 8
| Threat Category | CVEs | Critical |
|---|---|---|
| Elevation of Privilege | 247 | 65 |
| Remote Code Execution | 141 | 12 |
| Spoofing | 57 | 8 |
| Information Disclosure | 53 | 13 |
| Denial of Service | 6 | - |
| Security Feature Bypass | 5 | - |
| Tampering | 2 | - |
| Unknown | 1 | - |
Components 111
| Component | CVEs | Exploited |
|---|---|---|
| SQL Server | 92 | - |
| Azure Site Recovery | 81 | - |
| Azure DevOps | 30 | - |
| Azure Sphere | 25 | - |
| Azure | 20 | - |
| Azure Real Time Operating System | 20 | - |
| Team Foundation Server | 15 | - |
| Azure Stack | 10 | - |
| Azure Connected Machine Agent | 9 | - |
| Azure Monitor Agent | 9 | - |
| Azure SDK | 9 | - |
| Azure Machine Learning | 8 | - |
| Microsoft Azure Kubernetes Service | 8 | - |
| Azure Arc | 7 | - |
| Azure Compute Gallery | 7 | - |
| Azure HDInsights | 7 | - |
| Azure Entra ID | 6 | - |
| Azure Monitor | 6 | - |
| Azure IoT Explorer | 5 | - |
| Service Fabric | 5 | - |
| Azure CycleCloud | 4 | - |
| Azure File Sync | 4 | - |
| Azure Network Watcher | 4 | - |
| Azure Open Management Infrastructure | 4 | - |
| Azure Logic Apps | 3 | - |
| Azure Managed Instance for Apache Cassandra | 3 | - |
| Azure Portal Windows Admin Center | 3 | - |
| Azure Active Directory | 2 | - |
| Azure Bot Framework SDK | 2 | - |
| Azure Bot Service | 2 | - |
| Azure CLI | 2 | - |
| Azure Cloud Shell | 2 | - |
| Azure Data Explorer | 2 | - |
| Azure Database for PostgreSQL | 2 | - |
| Azure Front Door (AFD) | 2 | - |
| Azure Health Bot | 2 | - |
| Azure IoT SDK | 2 | - |
| Azure Local | 2 | - |
| Azure Local Cluster | 2 | - |
| Azure MCP Server | 2 | - |
| Azure Migrate | 2 | - |
| Azure Notification Service | 2 | - |
| Azure Service Fabric Container | 2 | - |
| Azure Stack Edge | 2 | - |
| Azure Storage Library | 2 | - |
| Azure Virtual Machines | 2 | - |
| Azure Windows Virtual Machine Agent | 2 | - |
| Confidential Azure Container Instances | 2 | - |
| Microsoft Azure Functions | 2 | - |
| Open Source Software | 2 | - |
| Windows Admin Center | 2 | - |
| Azure - Networking | 1 | - |
| Azure AI Face Service | 1 | - |
| Azure AI Foundry | 1 | - |
| Azure AI Foundry M365 published agents | 1 | - |
| Azure AI Search | 1 | - |
| Azure Active Directory Pod Identity | 1 | - |
| Azure Agent Installer | 1 | - |
| Azure App Service | 1 | - |
| Azure Application Gateway | 1 | - |
| Azure Arc Jumpstart | 1 | - |
| Azure Automation | 1 | - |
| Azure Batch Node Agent | 1 | - |
| Azure Cognitive Service for Language - Custom Question Answering | 1 | - |
| Azure Container Apps | 1 | - |
| Azure Core shared client library for Python | 1 | - |
| Azure Cosmos DB | 1 | - |
| Azure Custom Locations Resource Provider (RP) | 1 | - |
| Azure Data Box Gateway | 1 | - |
| Azure Data Factory | 1 | - |
| Azure Data Science Virtual Machines | 1 | - |
| Azure Data Studio | 1 | - |
| Azure Databricks | 1 | - |
| Azure DevOps Server | 1 | - |
| Azure Entra | 1 | - |
| Azure Event Grid | 1 | - |
| Azure Function | 1 | - |
| Azure HorizonDB | 1 | - |
| Azure IOT Central | 1 | - |
| Azure IoT | 1 | - |
| Azure Kinect SDK | 1 | - |
| Azure Linux Virtual Machines | 1 | - |
| Azure Local Disconnected Operations | 1 | - |
| Azure Marketplace SaaS Resources | 1 | - |
| Azure OMI | 1 | - |
| Azure OpenAI | 1 | - |
| Azure Orbital Spatio | 1 | - |
| Azure PlayFab | 1 | - |
| Azure Playwright | 1 | - |
| Azure Portal | 1 | - |
| Azure Private 5G Core | 1 | - |
| Azure Privileged Identity Management (PIM) | 1 | - |
| Azure PromptFlow | 1 | - |
| Azure Resource Manager | 1 | - |
| Azure Resource Manager (ARM) | 1 | - |
| Azure SRE Agent | 1 | - |
| Azure Service Connector | 1 | - |
| Azure Storage Mover | 1 | - |
| Azure Storage Resource Provider | 1 | - |
| Azure Synapse | 1 | - |
| Azure Virtual Desktop | 1 | - |
| Azure Virtual Network Gateway | 1 | - |
| Azure Web Apps | 1 | - |
| Linux Kernel | 1 | - |
| Mariner | 1 | - |
| Microsoft Azure Active Directory B2C | 1 | - |
| Microsoft Azure Active Directory Connect | 1 | - |
| Microsoft Defender for Endpoint | 1 | - |
| Microsoft Power Platform Connector | 1 | - |
| Open Management Infrastructure | 1 | - |
| Visual Studio | 1 | - |