CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-26158 – Microsoft Install Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-26158
09 Apr 2024 — Microsoft Install Service Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. By creating a symbolic link, an attacker can abuse the service to write arbitrary registry values. An attacker can leverage this vulnerabil... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26185 – Windows Compressed Folder Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2024-26185
12 Mar 2024 — Windows Compressed Folder Tampering Vulnerability Vulnerabilidad de manipulación de carpetas comprimidas de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26185 • CWE-73: External Control of File Name or Path •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2024-26181 – Windows Kernel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-26181
12 Mar 2024 — Windows Kernel Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26181 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-26178 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-26178
12 Mar 2024 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26178 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2024-26177 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-26177
12 Mar 2024 — Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26177 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-26176 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-26176
12 Mar 2024 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26176 • CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2024-26174 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-26174
12 Mar 2024 — Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26174 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-26173 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-26173
12 Mar 2024 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26173 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26170 – Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-26170
12 Mar 2024 — Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del sistema de archivos de imágenes compuestas de Windows (CimFS) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26170 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 25EXPL: 0CVE-2024-26166 – Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-26166
12 Mar 2024 — Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Proveedor Microsoft WDAC OLE DB para la vulnerabilidad de ejecución remota de código de SQL Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26166 • CWE-122: Heap-based Buffer Overflow •