CVSS: 7.5EPSS: 64%CPEs: 14EXPL: 0CVE-2024-38112 – Microsoft Windows MSHTML Platform Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-38112
Windows MSHTML Platform Spoofing Vulnerability Vulnerabilidad de suplantación de plataforma Windows MSHTML Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-38104 – Windows Fax Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38104
Windows Fax Service Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del servicio de fax de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38104 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38102 – Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38102
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del controlador de Windows Layer-2 Bridge Network • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38102 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2024-38100 – Windows File Explorer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38100
Windows File Explorer Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Windows File Explorer • https://github.com/Florian-Hoth/CVE-2024-38100-RCE-POC https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38100 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2024-38091 – Microsoft WS-Discovery Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38091
Microsoft WS-Discovery Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38091 • CWE-166: Improper Handling of Missing Special Element •