CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0CVE-2024-20660 – Microsoft Message Queuing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20660
09 Jan 2024 — Microsoft Message Queuing Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Message Queue Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20660 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2024-20653 – Microsoft Common Log File System Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-20653
09 Jan 2024 — Microsoft Common Log File System Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del sistema de archivos de registro común de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20653 • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2024-20652 – Windows HTML Platforms Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-20652
09 Jan 2024 — Windows HTML Platforms Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad de plataformas HTML de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20652 • CWE-73: External Control of File Name or Path •
CVSS: 5.4EPSS: 0%CPEs: 16EXPL: 0CVE-2024-21313 – Windows TCP/IP Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21313
09 Jan 2024 — Windows TCP/IP Information Disclosure Vulnerability Vulnerabilidad de divulgación de información TCP/IP de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21313 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.6EPSS: 0%CPEs: 14EXPL: 0CVE-2024-21307 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21307
09 Jan 2024 — Remote Desktop Client Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del cliente de escritorio remoto • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21307 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 1CVE-2024-21305 – Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-21305
09 Jan 2024 — Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad de Hypervisor-Protected Code Integrity (HVCI) This post details the story and technical details of the non-secure Hypervisor-Protected Code Integrity (HVCI) configuration vulnerability disclosed and fixed with the January 9th update on Windows. This vulnerability, CVE-2024-21305, allowed arbitrary kernel-mode code execution, effectively bypassing HVCI within the root p... • https://github.com/tandasat/CVE-2024-21305 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2024-20700 – Windows Hyper-V Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20700
09 Jan 2024 — Windows Hyper-V Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Windows Hyper-V • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20700 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-20699 – Windows Hyper-V Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20699
09 Jan 2024 — Windows Hyper-V Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de Windows Hyper-V • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20699 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2024-20698 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-20698
09 Jan 2024 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows • https://github.com/RomanRybachek/CVE-2024-20698 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: 9EXPL: 1CVE-2024-20696 – Windows libarchive Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20696
09 Jan 2024 — Windows Libarchive Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Windows Libarchive Windows libarchive Remote Code Execution Vulnerability It was discovered that libarchive incorrectly handled certain RAR archive files. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://github.com/clearbluejar/CVE-2024-20696 • CWE-122: Heap-based Buffer Overflow •