An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network.
An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.
Windows Initial Machine Configuration Elevation of Privilege Vulnerability
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some feature...
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network.
An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link.
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability