CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 7CVE-2024-30088 – Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
https://notcve.org/view.php?id=CVE-2024-30088
11 Jun 2024 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of NtQueryInformationToken. The issue results from the lack of proper locking when performing ope... • https://packetstorm.news/files/id/179642 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30087 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30087
11 Jun 2024 — Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of proper input validation. An attacker can leverage this vulnerability to escala... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30087 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30086 – Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30086
11 Jun 2024 — Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del subsistema kernel de Windows Win32 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within DirectComposition. The issue results from the lack of validating the existence of a... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30086 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 2CVE-2024-30085 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30085
11 Jun 2024 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador del minifiltro de archivos en la nube de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cldflt kernel driver. The issue results from ... • https://github.com/Adamkadaban/CVE-2024-30085 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30084 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30084
11 Jun 2024 — Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador en modo kernel de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the UnserializePropertySet function in the ks.sys driver. The issue results from the... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30084 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-30083 – Windows Standards-Based Storage Management Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-30083
11 Jun 2024 — Windows Standards-Based Storage Management Service Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servicio de administración de almacenamiento basado en estándares de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30083 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-30068 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30068
11 Jun 2024 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30068 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30067 – Winlogon Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30067
11 Jun 2024 — Winlogon Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Winlogon • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30067 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30066 – Winlogon Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30066
11 Jun 2024 — Winlogon Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Winlogon • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30066 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30065 – Windows Themes Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-30065
11 Jun 2024 — Windows Themes Denial of Service Vulnerability Vulnerabilidad de denegación de servicio en temas de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30065 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •