CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2024-38247 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38247
10 Sep 2024 — Windows Graphics Component Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38247 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-38245 – Kernel Streaming Service Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38245
10 Sep 2024 — Kernel Streaming Service Driver Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38245 • CWE-20: Improper Input Validation •
CVSS: 8.3EPSS: 0%CPEs: 25EXPL: 0CVE-2024-38239 – Windows Kerberos Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38239
10 Sep 2024 — Windows Kerberos Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38239 • CWE-1390: Weak Authentication •
CVSS: 6.5EPSS: 0%CPEs: 25EXPL: 0CVE-2024-38234 – Windows Networking Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38234
10 Sep 2024 — Windows Networking Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38234 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-38231 – Windows Remote Desktop Licensing Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38231
10 Sep 2024 — Windows Remote Desktop Licensing Service Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38231 • CWE-285: Improper Authorization •
CVSS: 6.4EPSS: 0%CPEs: 25EXPL: 0CVE-2024-38217 – Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability
https://notcve.org/view.php?id=CVE-2024-38217
10 Sep 2024 — Windows Mark of the Web Security Feature Bypass Vulnerability Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38217 • CWE-693: Protection Mechanism Failure •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-38014 – Microsoft Windows Installer Improper Privilege Management Vulnerability
https://notcve.org/view.php?id=CVE-2024-38014
10 Sep 2024 — Windows Installer Elevation of Privilege Vulnerability Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-37341 – Microsoft SQL Server Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-37341
10 Sep 2024 — Microsoft SQL Server Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37341 • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-37965 – Microsoft SQL Server Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-37965
10 Sep 2024 — Microsoft SQL Server Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37965 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2024-43467 – Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43467
10 Sep 2024 — Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43467 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •