Privacy Trust

on July 21, 2025 at 7:00 am — CVE-2025-49706 Microsoft SharePoint Server Spoofing Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Updated one or more CVSS scores for the affected products. This is an informational change only.

on July 21, 2025 at 7:00 am — CVE-2025-49706 Microsoft SharePoint Server Spoofing Vulnerability Read More »

on July 20, 2025 at 7:00 am — CVE-2025-53771 Microsoft SharePoint Server Spoofing Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Improper limitation of a pathname to a restricted directory (‘path traversal’) in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

on July 20, 2025 at 7:00 am — CVE-2025-53771 Microsoft SharePoint Server Spoofing Vulnerability Read More »

on July 20, 2025 at 7:00 am — CVE-2025-53770 Microsoft SharePoint Server Remote Code Execution Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

The security update is avaialble for Microsoft SharePoint Server Subscription Edition. Microsoft strongly encourages customers running this version of SharePoint to install this update as soon as possible.

on July 20, 2025 at 7:00 am — CVE-2025-53770 Microsoft SharePoint Server Remote Code Execution Vulnerability Read More »

on July 18, 2025 at 7:00 am — CVE-2025-49747 Azure Machine Learning Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-49747 Azure Machine Learning Elevation of Privilege Vulnerability Read More »

on July 18, 2025 at 7:00 am — CVE-2025-49746 Azure Machine Learning Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-49746 Azure Machine Learning Elevation of Privilege Vulnerability Read More »

on July 18, 2025 at 7:00 am — CVE-2025-47995 Azure Machine Learning Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-47995 Azure Machine Learning Elevation of Privilege Vulnerability Read More »

on July 18, 2025 at 7:00 am — CVE-2025-47158 Azure DevOps Server Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-47158 Azure DevOps Server Elevation of Privilege Vulnerability Read More »

on July 18, 2025 at 7:00 am — CVE-2025-53762 Microsoft Purview Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.

on July 18, 2025 at 7:00 am — CVE-2025-53762 Microsoft Purview Elevation of Privilege Vulnerability Read More »

on July 17, 2025 at 10:00 am — MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities

Leave a Comment / Uncategorized / Privacy Trust

In April 2025 Cisco Talos identified a Malware-as-a-Service (MaaS) operation that utilized Amadey to deliver payloads. The MaaS operators used fake GitHub accounts to host payloads, tools and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use. Several operator tactics, techniques and procedures (TTPs) overlap with a SmokeLoader phishing

on July 17, 2025 at 10:00 am — MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities Read More »

on July 16, 2025 at 7:00 am — CVE-2024-36350 AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Corrected CVE number. This is an informational change only.

on July 16, 2025 at 7:00 am — CVE-2024-36350 AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue Read More »

Protecting Privacy Build Trust

Protecting Privacy Build Trust

Join Us in Building a Privacy-Centric Future

Solutions

Services

Contacts