Page 25 of 251 results (0.006 seconds)

CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0

Windows Common Log File System Driver Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38196 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38193 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

Kernel Streaming Service Driver Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38191 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38184 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 1%CPEs: 20EXPL: 1

Scripting Engine Memory Corruption Vulnerability Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL. • https://github.com/uixss/PoC-CVE-2024-38178 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •