Security
Headlines

Headlines Latest CVEs

Headline

CVE-2024-38108: Azure Stack Hub Spoofing Vulnerability

How could an attacker exploit this vulnerability?

A cross-site scripting vulnerability existed in virtual public IP address that impacted related endpoints. For more information on the impacted virtual public IP address, see here: What is IP address 168.63.129.16? | Microsoft Learn. An unauthenticated attacker could exploit this vulnerability by getting the victim to load malicious code into their web browser on the virtual machine, allowing the attacker to leverage an implicit identity of the virtual machine. The victim’s web browser then would determine which host endpoints are accessible.

3 months ago

Microsoft Security Response Center

#xss #vulnerability #web #mac #microsoft #auth #Azure Stack #Security Vulnerability

Microsoft Security Response Center: Latest News

CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability

23 hours ago

Microsoft Security Response Center

CVE-2024-11117: Chromium: CVE-2024-11117 Inappropriate implementation in FileSystem

1 day ago

Microsoft Security Response Center

CVE-2024-11116: Chromium: CVE-2024-11116 Inappropriate implementation in Paint

1 day ago

Microsoft Security Response Center

CVE-2024-11115: Chromium: CVE-2024-11115 Insufficient policy enforcement in Navigation

1 day ago

Microsoft Security Response Center

CVE-2024-11114: Chromium: CVE-2024-11114 Inappropriate implementation in Views

1 day ago

Microsoft Security Response Center