| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network. |
| Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network. |
| Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability |
| Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network. |
| Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally. |
| Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network. |
| Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally. |
| Open Management Infrastructure Elevation of Privilege Vulnerability |
| Open Management Infrastructure Elevation of Privilege Vulnerability |
| Open Management Infrastructure Remote Code Execution Vulnerability |
| Open Management Infrastructure Elevation of Privilege Vulnerability |
| Azure Stack Hub Elevation of Privilege Vulnerability |
| Azure Stack Hub Spoofing Vulnerability |
| Azure Stack HCI Elevation of Privilege Vulnerability |
| Azure Stack Hub Spoofing Vulnerability |
| NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service. |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service. |
| Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability. |
| Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability |
| Azure Data Box Gateway Remote Code Execution Vulnerability |
