Page 18 of 360 results (0.002 seconds)

CVSS: 9.0EPSS: 0%CPEs: 24EXPL: 2

08 Oct 2024 — Remote Registry Service Elevation of Privilege Vulnerability • https://github.com/HazeLook/CVE-2024-43532 • CWE-636: Not Failing Securely ('Failing Open') •

CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0

08 Oct 2024 — Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43519 • CWE-197: Numeric Truncation Error •

CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0

08 Oct 2024 — Windows Telephony Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43518 • CWE-122: Heap-based Buffer Overflow •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

08 Oct 2024 — Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43515 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.4EPSS: 0%CPEs: 17EXPL: 0

08 Oct 2024 — BitLocker Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43513 • CWE-693: Protection Mechanism Failure •

CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0

08 Oct 2024 — BranchCache Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43506 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

08 Oct 2024 — Windows Secure Kernel Mode Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43516 • CWE-822: Untrusted Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

08 Oct 2024 — Windows Graphics Component Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage th... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43556 • CWE-416: Use After Free •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

10 Sep 2024 — Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43491 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0

10 Sep 2024 — Windows Mark of the Web Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43487 • CWE-693: Protection Mechanism Failure •