Page 17 of 244 results (0.009 seconds)

CVSS: 5.4EPSS: 0%CPEs: 26EXPL: 0

Windows Mark of the Web Security Feature Bypass Vulnerability Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38217 • CWE-693: Protection Mechanism Failure •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

Windows Installer Elevation of Privilege Vulnerability Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014 • CWE-269: Improper Privilege Management •

CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43467 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0

Windows Kernel-Mode Driver Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38256 • CWE-908: Use of Uninitialized Resource •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

Windows Graphics Component Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38250 • CWE-126: Buffer Over-read •