CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21395 – Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2024-21395
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Vulnerabilidad de Cross-Site Scripting en Microsoft Dynamics 365 (local) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21395 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21384 – Microsoft Office OneNote Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21384
Microsoft Office OneNote Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Office OneNote • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21384 • CWE-416: Use After Free •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21380 – Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21380
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Dynamics Business Central/NAV • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21380 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2024-21378 – Microsoft Outlook Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21378
Microsoft Outlook Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Outlook • https://github.com/d0rb/CVE-2024-21378 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21378 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21328 – Dynamics 365 Sales Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-21328
Dynamics 365 Sales Spoofing Vulnerability Vulnerabilidad de suplantación de ventas en Dynamics 365 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21328 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •