Page 12 of 610 results (0.008 seconds)

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

10 Dec 2024 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49138 • CWE-122: Heap-based Buffer Overflow •

CVSS: 8.1EPSS: 0%CPEs: 12EXPL: 0

10 Dec 2024 — Windows Remote Desktop Services Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49128 • CWE-416: Use After Free CWE-591: Sensitive Data Storage in Improperly Locked Memory •

CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0

10 Dec 2024 — Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49127 • CWE-416: Use After Free •

CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0

10 Dec 2024 — Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49118 • CWE-416: Use After Free •

CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0

10 Dec 2024 — Windows Remote Desktop Services Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49116 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 5

10 Dec 2024 — Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability • https://packetstorm.news/files/id/183329 • CWE-125: Out-of-bounds Read •

CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 6

10 Dec 2024 — Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability • https://packetstorm.news/files/id/183317 • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

10 Dec 2024 — Windows Common Log File System Driver Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49090 • CWE-822: Untrusted Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

10 Dec 2024 — Windows Common Log File System Driver Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49088 • CWE-126: Buffer Over-read •

CVSS: 7.1EPSS: 0%CPEs: 26EXPL: 0

10 Dec 2024 — Windows File Explorer Information Disclosure Vulnerability This vulnerability allows remote attackers to delete arbitrary files or disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability. The specific flaw exists within the handling of filenames. The issue results from the lack of proper validation of filenames originating from untrusted sources, which may contain path traversal characters. An attacker can leverage this vulner... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49082 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •