CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30087 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30087
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30087 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30086 – Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30086
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within DirectComposition. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30086 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-30085 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30085
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cldflt kernel driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30085 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30084 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30084
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the UnserializePropertySet function in the ks.sys driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30084 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.7EPSS: 0%CPEs: 25EXPL: 0CVE-2024-30063 – Windows Distributed File System (DFS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30063
Windows Distributed File System (DFS) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del sistema de archivos distribuido (DFS) de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30063 • CWE-641: Improper Restriction of Names for Files and Other Resources •