CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6222 – In Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages
https://notcve.org/view.php?id=CVE-2024-6222
An attacker must first obtain the ability to execute high-privileged code within the container in order to exploit this vulnerability. The specific flaw exists within the the implemention of the Docker Extensions functionality. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the host. • https://github.com/Florian-Hoth/CVE-2024-6222 https://docs.docker.com/desktop/release-notes/#4290 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 7.2EPSS: 3%CPEs: 3EXPL: 1CVE-2024-38094 – Microsoft SharePoint Deserialization Vulnerability
https://notcve.org/view.php?id=CVE-2024-38094
Microsoft SharePoint Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft SharePoint Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution. • https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38078 – Xbox Wireless Adapter Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38078
Xbox Wireless Adapter Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38078 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38076 – Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38076
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38076 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-38074 – Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38074
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38074 • CWE-191: Integer Underflow (Wrap or Wraparound) •