Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with networ...
Vulnerability in the Oracle Quality product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network ...
Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
Improper neutralization of special elements used in an os command ('os command injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We ...
Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally.
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.
Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an unauthorized attacker to disclose information over a network.
Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.
Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.