Azure Dev Summit 2025 - Security Resources

A comprehensive collection of security resources for Azure Dev Summit 2025 talks

OWASP Top 10 2021 applied to CISA KEV catalog, plus modern .NET serialization attacks (2018-2025)


Deserialization Vulnerabilities

SharePoint (CVE-2025-53770)

CVEs:

KB Articles:

Resources:

Sitecore (CVE-2021-42237)

CVEs:

KB Articles:

Resources:

Greenshot (CVE-2025-59050)

CVEs:

Resources:

JSON DoS (CVE-2024-21907)

CVEs:

Resources:


Authentication & Identity

Entra ID Actor Tokens (CVE-2025-55241)

CVEs:

Resources:


Supply Chain

NuGet Supply Chain

CVEs:

Resources:


Additional .NET KEV CVEs (2021-2025)

Exchange, VMware, F5, Ivanti, Skype, Samsung, Adminer, and others

2025:

2024:

2023:

2022:

2021:


General Resources

OWASP:

NIST:

MITRE:

Microsoft Security:

Detection:

Reports:

Tools:


Official Catalogs