CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30084 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30084
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the UnserializePropertySet function in the ks.sys driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30084 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.7EPSS: 0%CPEs: 25EXPL: 0CVE-2024-30063 – Windows Distributed File System (DFS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30063
Windows Distributed File System (DFS) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del sistema de archivos distribuido (DFS) de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30063 • CWE-641: Improper Restriction of Names for Files and Other Resources •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-30062 – Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30062
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del servicio de administración de almacenamiento basado en estándares de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30062 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 2CVE-2024-35250 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-35250
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the UnserializePropertySet function. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://github.com/varwara/CVE-2024-35250 https://github.com/0xjiefeng/CVE-2024-35250-BOF https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35250 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30082 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30082
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30082 • CWE-416: Use After Free •