454 results (0.004 seconds)

CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 1

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. • https://github.com/fortra/CVE-2024-6769 https://www.fortra.com/security/advisories/research/fr-2024-002 • CWE-426: Untrusted Search Path •

CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0

Windows Security Zone Mapping Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30073 • CWE-41: Improper Resolution of Path Equivalence •

CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0

Windows Remote Desktop Licensing Service Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43455 • CWE-20: Improper Input Validation •

CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43454 • CWE-23: Relative Path Traversal •

CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0

Windows Network Address Translation (NAT) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38119 • CWE-416: Use After Free •