Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

CVE-2023-23384

Microsoft SQL Server Remote Code Execution Vulnerability

CVE
Open in Source
#sql#vulnerability#microsoft#rce
CVE-2023-28309

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-28313

Microsoft Dynamics 365 Customer Voice Cross-Site Scripting Vulnerability

CVE-2023-28314

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-28301

Microsoft Edge (Chromium-based) Tampering Vulnerability

CVE-2023-28304

Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

CVE-2023-28284

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities

April is the third month in a row in which at least one of the vulnerabilities Microsoft released in a Patch Tuesday had been exploited in the wild prior to disclosure.

Microsoft Azure Shared Key Misconfiguration Could Lead to RCE

Azure admins are urged to disable shared key access and implement Azure Active Directory authentication.

Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers

A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. "It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal access-tokens of higher privilege identities, move laterally, potentially access critical business assets, and