Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (372 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-49747 1 Microsoft 1 Azure Machine Learning 2025-08-23 9.9 Critical
Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVE-2025-21195 1 Microsoft 2 Azure Service Fabric, Service Fabric 2025-08-23 6 Medium
Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.
CVE-2022-44699 1 Microsoft 1 Azure Network Watcher Agent 2025-07-22 5.5 Medium
Azure Network Watcher Agent Security Feature Bypass Vulnerability
CVE-2024-38175 1 Microsoft 1 Azure Managed Instance For Apache Cassandra 2025-07-10 9.6 Critical
An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network.
CVE-2024-38109 1 Microsoft 1 Azure Health Bot 2025-07-10 9.1 Critical
An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.
CVE-2024-38195 1 Microsoft 1 Azure Cyclecloud 2025-07-10 7.8 High
Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-38162 1 Microsoft 1 Azure Connected Machine Agent 2025-07-10 7.8 High
Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2024-38158 1 Microsoft 1 Azure Iot Hub Device Client Sdk 2025-07-10 7 High
Azure IoT SDK Remote Code Execution Vulnerability
CVE-2024-38157 1 Microsoft 1 Azure Iot Hub Device Client Sdk 2025-07-10 7 High
Azure IoT SDK Remote Code Execution Vulnerability
CVE-2024-38098 1 Microsoft 1 Azure Connected Machine Agent 2025-07-10 7.8 High
Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2024-38201 1 Microsoft 1 Azure Stack Hub 2025-07-10 7 High
Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38108 1 Microsoft 1 Azure Stack Hub 2025-07-10 9.3 Critical
Azure Stack Hub Spoofing Vulnerability
CVE-2024-49060 1 Microsoft 1 Azure Stack Hci 2025-07-08 8.8 High
Azure Stack HCI Elevation of Privilege Vulnerability
CVE-2024-43613 1 Microsoft 1 Azure Database For Postgresql Flexible Server 2025-07-08 7.2 High
Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability
CVE-2024-49052 1 Microsoft 1 Azure Functions 2025-07-08 8.2 High
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network.
CVE-2024-49042 1 Microsoft 1 Azure Database For Postgresql Flexible Server 2025-07-08 7.2 High
Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability
CVE-2024-43602 1 Microsoft 1 Azure Cyclecloud 2025-07-08 9.9 Critical
Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-38179 1 Microsoft 1 Azure Stack Hci 2025-07-08 8.8 High
Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability
CVE-2024-38204 1 Microsoft 1 Azure Functions 2025-07-08 7.5 High
Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network.
CVE-2024-43591 1 Microsoft 2 Azure Command-line Interface, Azure Service Connector 2025-07-08 8.7 High
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability