#auth

Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.

29 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #auth #Microsoft Exchange Server #Security Vulnerability

CVE-2025-53729: Microsoft Azure File Sync Elevation of Privilege Vulnerability

Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.

29 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #auth #Azure File Sync #Security Vulnerability

CVE-2025-53772: Web Deploy Remote Code Execution Vulnerability

Deserialization of untrusted data in Visual Studio allows an authorized attacker to execute code locally.

29 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #rce #auth #Web Deploy #Security Vulnerability

CVE-2025-49745: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to perform spoofing over a network.

29 days ago

Microsoft Security Response Center

Open in Source

#xss #vulnerability #web #microsoft #auth #Microsoft Dynamics 365 (on-premises)#Security Vulnerability

CVE-2025-49751: Windows Hyper-V Denial of Service Vulnerability

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.

29 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #dos #auth #Role: Windows Hyper-V #Security Vulnerability

CVE-2025-49758: Microsoft SQL Server Elevation of Privilege Vulnerability

Improper privilege management in SQL Server allows an authorized attacker to elevate privileges locally.