cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-43476,https://securityvulnerability.io/vulnerability/CVE-2024-43476,Cross-site Scripting Vulnerability in Microsoft Dynamics 365 (on-premises),Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,5.4,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-09-10T16:54:17.526Z,0
CVE-2024-38225,https://securityvulnerability.io/vulnerability/CVE-2024-38225,Elevation of Privilege Vulnerability,"An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Business Central, potentially allowing an attacker to gain unauthorized access to sensitive functionalities within the application. This vulnerability can be exploited by malicious individuals to manipulate the behavior of the application and access resources that should be restricted, compromising the integrity and confidentiality of the environment. It is essential for users of Dynamics 365 Business Central to apply the necessary patches released by Microsoft to mitigate the risk associated with this vulnerability. For more detailed information, refer to the Microsoft advisory.",Microsoft,"Microsoft Dynamics 365 Business Central 2023 Release Wave 1,Microsoft Dynamics 365 Business Central 2024 Release Wave 1,Microsoft Dynamics 365 Business Central 2023 Release Wave 2",9.8,CRITICAL,0.0014199999859556556,false,false,false,false,,false,false,2024-09-10T16:53:56.595Z,0
CVE-2024-38211,https://securityvulnerability.io/vulnerability/CVE-2024-38211,Cross-site Scripting Vulnerability Impacts Dynamics 365 (on-premises),"A cross-site scripting vulnerability in Microsoft Dynamics 365 (on-premises) enables an attacker to inject arbitrary web script or HTML into a user's browser session. This could lead to unauthorized actions or exposure of sensitive information, as affected users may be tricked into executing scripts that compromise their security. It is crucial for organizations using Microsoft Dynamics 365 on-premises to apply necessary patches and updates to mitigate potential exploitation of this vulnerability.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,8.2,HIGH,0.0014900000533089042,false,false,false,false,,false,false,2024-08-13T17:30:34.256Z,0
CVE-2024-30061,https://securityvulnerability.io/vulnerability/CVE-2024-30061,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,An information disclosure vulnerability in Microsoft Dynamics 365 (On-Premises) could allow unauthorized users to access sensitive data. An attacker who successfully exploits this vulnerability could gain access to confidential information that should otherwise be protected from exposure. Organizations using Microsoft Dynamics 365 must be vigilant about their deployment and access controls to mitigate potential risks associated with this flaw.,Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.3,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-07-09T17:15:00.000Z,0
CVE-2024-35263,https://securityvulnerability.io/vulnerability/CVE-2024-35263,Microsoft Dynamics 365 On-Premises Information Disclosure Vulnerability,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,5.7,MEDIUM,0.0035099999513477087,false,false,false,false,,false,false,2024-06-11T17:00:08.880Z,0
CVE-2024-35249,https://securityvulnerability.io/vulnerability/CVE-2024-35249,Remote Code Execution Vulnerability Affects Microsoft Dynamics 365 Business Central,"The vulnerability in Microsoft Dynamics 365 Business Central enables remote code execution, allowing attackers to potentially execute arbitrary code on the server hosting the application. This risk arises due to improper validation of user input, which may be exploited to gain control over affected installations. Organizations utilizing Microsoft Dynamics 365 Business Central should assess their systems and apply necessary updates to mitigate this vulnerability. For detailed information and mitigation strategies, refer to the Microsoft security advisory.",Microsoft,"Microsoft Dynamics 365 Business Central 2024 Release Wave 1,Microsoft Dynamics 365 Business Central 2023 Release Wave 1,Microsoft Dynamics 365 Business Central 2023 Release Wave 2",8.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-06-11T17:00:06.410Z,0
CVE-2024-35248,https://securityvulnerability.io/vulnerability/CVE-2024-35248,Elevation of Privilege Vulnerability Affects Business Central,"The vulnerability within Microsoft Dynamics 365 Business Central pertains to an elevation of privilege, which may allow attackers to gain unauthorized access to sensitive functionalities of the application. This situation arises from improper validation of user permissions, enabling exploiters to perform actions that they are otherwise not authorized to carry out. It is essential for users and administrators to assess their deployments and take necessary mitigation steps to safeguard their environments from potential exploitation.",Microsoft,"Microsoft Dynamics 365 Business Central 2023 Release Wave 1,Microsoft Dynamics 365 Business Central 2023 Release Wave 2,Microsoft Dynamics 365 Business Central 2024 Release Wave 1",7.3,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-06-11T17:00:05.663Z,0
CVE-2024-21419,https://securityvulnerability.io/vulnerability/CVE-2024-21419,Cross-site Scripting Vulnerability Affects Microsoft Dynamics 365 (On-premises),"A cross-site scripting vulnerability exists in Microsoft Dynamics 365 (on-premises) that could allow an attacker to execute arbitrary scripts in the context of a user's session. By exploiting this vulnerability, an unauthorized user could potentially gain access to sensitive information, manipulate user sessions, or redirect users to malicious websites. It is essential for organizations using affected versions of Microsoft Dynamics 365 to assess their security posture and apply the necessary mitigations to prevent exploitation.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005099999834783375,false,false,false,false,,false,false,2024-03-12T16:58:00.401Z,0
CVE-2024-21395,https://securityvulnerability.io/vulnerability/CVE-2024-21395,Cross-site Scripting Vulnerability Affects Microsoft Dynamics 365 (On-premises),"The Microsoft Dynamics 365 (on-premises) Cross-site Scripting vulnerability presents significant security risks for user data and sessions. This vulnerability can allow attackers to inject malicious scripts into web pages, potentially compromising user interactions and allowing unauthorized access to sensitive information. Organizations utilizing this product must prioritize security measures to mitigate the risks associated with this vulnerability.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,8.2,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-02-13T18:02:45.175Z,0
CVE-2024-21380,https://securityvulnerability.io/vulnerability/CVE-2024-21380,Information Disclosure Vulnerability,"An information disclosure vulnerability exists in Microsoft Dynamics Business Central and NAV, which can potentially expose sensitive data to unauthorized users. This vulnerability stems from improper handling of user requests, allowing an attacker to gain access to confidential information. Organizations utilizing these platforms should take immediate action to assess their system configurations and apply relevant security updates to mitigate the risks associated with this vulnerability.",Microsoft,"Microsoft Dynamics 365 Business Central 2022 Release Wave 2,Microsoft Dynamics 365 Business Central 2023 Release Wave 1,Microsoft Dynamics 365 Business Central 2023 Release Wave 2",8,HIGH,0.0035099999513477087,false,false,false,false,,false,false,2024-02-13T18:02:43.563Z,0
CVE-2024-21328,https://securityvulnerability.io/vulnerability/CVE-2024-21328,Microsoft Dynamics 365 Sales Spoofing Vulnerability: What You Need to Know,"The spoofing vulnerability in Dynamics 365 Sales allows attackers to impersonate legitimate users, potentially gaining unauthorized access to sensitive information and operating within the application as if they were a trusted entity. Exploitation of this vulnerability could lead to manipulation of data or services, creating significant risks for organizations that rely on this CRM platform for customer engagement and sales operations. Vigilance in monitoring and applying security patches is essential to mitigate associated risks.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-02-13T18:02:28.777Z,0
CVE-2024-21396,https://securityvulnerability.io/vulnerability/CVE-2024-21396,Dynamics 365 Sales Spoofing Vulnerability,"The vulnerability in Dynamics 365 Sales allows an attacker to spoof legitimate users, potentially leading to unauthorized access and manipulation of sensitive data. This could compromise user authentication processes, resulting in significant security risks often associated with identity verification failures. As organizations increasingly rely on cloud services for critical operations, awareness and prompt mitigation of such vulnerabilities are crucial for safeguarding data integrity and user trust.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-02-13T18:02:22.505Z,0
CVE-2024-21394,https://securityvulnerability.io/vulnerability/CVE-2024-21394,Dynamics 365 Field Service Spoofing Vulnerability,"The Dynamics 365 Field Service software from Microsoft is impacted by a spoofing vulnerability that allows attackers to impersonate legitimate users, leading to potential unauthorized actions within the application. This vulnerability poses a significant risk for organizations relying on Dynamics 365 Field Service to manage their operations, as it could lead to compromised data integrity and unauthorized access. Immediate attention and remediation are recommended to mitigate potential security risks associated with this vulnerability.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-02-13T18:02:21.915Z,0
CVE-2024-21393,https://securityvulnerability.io/vulnerability/CVE-2024-21393,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"A Cross-site Scripting vulnerability in Microsoft Dynamics 365 (on-premises) allows attackers to inject malicious scripts into web pages viewed by users. This vulnerability can lead to unauthorized access to sensitive information, session hijacking, or further exploitation of the affected environment. It is crucial for users of affected versions to implement appropriate security measures to mitigate potential attacks. Regular monitoring and applying security updates as recommended by the vendor are vital for maintaining the integrity and security of your systems.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-02-13T18:02:21.317Z,0
CVE-2024-21389,https://securityvulnerability.io/vulnerability/CVE-2024-21389,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"Microsoft Dynamics 365 (on-premises) is affected by a Cross-site Scripting vulnerability that can allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft or unauthorized actions. This vulnerability can be exploited if an attacker manages to convince a user to click on a specially crafted link. Timely application of security updates is crucial to mitigate the risks associated with this vulnerability.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-02-13T18:02:20.755Z,0
CVE-2024-21327,https://securityvulnerability.io/vulnerability/CVE-2024-21327,Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability,"The vulnerability in Microsoft Dynamics 365 Customer Engagement allows an attacker to execute arbitrary scripts within the context of a user’s session. This type of cross-site scripting issue can compromise user data and facilitate unauthorized actions, posing significant security threats for organizations utilizing this platform. Secure coding practices and regular updates are essential to mitigate risks associated with this vulnerability.",Microsoft,Microsoft Dynamics 365 Customer Engagement V9.1,7.6,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-02-13T18:02:08.291Z,0
CVE-2023-36020,https://securityvulnerability.io/vulnerability/CVE-2023-36020,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.1,Microsoft Dynamics 365 (on-premises) Version 9.0",7.6,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2023-12-12T18:15:00.000Z,0
CVE-2023-36016,https://securityvulnerability.io/vulnerability/CVE-2023-36016,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.0,Microsoft Dynamics 365 (on-premises) Version 9.1",6.2,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2023-11-14T18:15:00.000Z,0
CVE-2023-36410,https://securityvulnerability.io/vulnerability/CVE-2023-36410,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2023-11-14T18:15:00.000Z,0
CVE-2023-36030,https://securityvulnerability.io/vulnerability/CVE-2023-36030,Microsoft Dynamics 365 Sales Spoofing Vulnerability,Microsoft Dynamics 365 Sales Spoofing Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.1,Microsoft Dynamics 365 (on-premises) Version 9.0",6.1,MEDIUM,0.0007600000244565308,false,false,false,false,,false,false,2023-11-14T18:15:00.000Z,0
CVE-2023-36031,https://securityvulnerability.io/vulnerability/CVE-2023-36031,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2023-11-14T18:15:00.000Z,0
CVE-2023-36416,https://securityvulnerability.io/vulnerability/CVE-2023-36416,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.1,Microsoft Dynamics 365 (on-premises) Version 9.0",6.1,MEDIUM,0.00046999999904073775,false,false,false,false,,false,false,2023-10-10T18:15:00.000Z,0
CVE-2023-36429,https://securityvulnerability.io/vulnerability/CVE-2023-36429,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.0,Microsoft Dynamics 365 (on-premises) Version 9.1",6.5,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2023-10-10T18:15:00.000Z,0
CVE-2023-36433,https://securityvulnerability.io/vulnerability/CVE-2023-36433,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.0,Microsoft Dynamics 365 (on-premises) Version 9.1",6.5,MEDIUM,0.0004799999878741801,false,false,false,false,,false,false,2023-10-10T18:15:00.000Z,0
CVE-2023-38164,https://securityvulnerability.io/vulnerability/CVE-2023-38164,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.1,Microsoft Dynamics 365 (on-premises) Version 9.0",7.6,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2023-09-12T17:15:00.000Z,0