Dataverse
by Microsoft
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-47732 | Hig | 0.57 | 8.7 | 0.03 | May 8, 2025 | Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network. | ||
| CVE-2025-29807 | Hig | 0.57 | 8.7 | 0.01 | Mar 21, 2025 | Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network. | ||
| CVE-2024-38139 | Hig | 0.57 | 8.7 | 0.01 | Oct 15, 2024 | Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2024-35260 | Hig | 0.52 | 8.0 | 0.01 | Jun 27, 2024 | An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network. | ||
| CVE-2025-29826 | Hig | 0.48 | 7.3 | 0.01 | May 13, 2025 | Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2025-24053 | Hig | 0.47 | 7.2 | 0.01 | Mar 13, 2025 | Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2021-24101 | Med | 0.42 | 6.5 | 0.03 | Feb 25, 2021 | Microsoft Dataverse Information Disclosure Vulnerability |
- risk 0.57cvss 8.7epss 0.03
Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.
- risk 0.57cvss 8.7epss 0.01
Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.
- risk 0.57cvss 8.7epss 0.01
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
- risk 0.52cvss 8.0epss 0.01
An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network.
- risk 0.48cvss 7.3epss 0.01
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
- risk 0.47cvss 7.2epss 0.01
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
- risk 0.42cvss 6.5epss 0.03
Microsoft Dataverse Information Disclosure Vulnerability