CVSS: 8.3EPSS: 0%CPEs: 14EXPL: 0CVE-2024-37986 – Secure Boot Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-37986
09 Jul 2024 — Secure Boot Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad de arranque seguro • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37986 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.3EPSS: 0%CPEs: 17EXPL: 0CVE-2024-35270 – Windows iSCSI Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-35270
09 Jul 2024 — Windows iSCSI Service Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servicio Windows iSCSI • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35270 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2024-30098 – Windows Cryptographic Services Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-30098
09 Jul 2024 — Windows Cryptographic Services Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad de los servicios criptográficos de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30098 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30081 – Windows NTLM Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-30081
09 Jul 2024 — Windows NTLM Spoofing Vulnerability Vulnerabilidad de suplantación de Windows NTLM • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30081 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-28899 – Secure Boot Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-28899
09 Jul 2024 — Secure Boot Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad de arranque seguro • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28899 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30094 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30094
11 Jun 2024 — Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del Servicio de enrutamiento y acceso remoto de Windows (RRAS) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30094 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30091 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30091
11 Jun 2024 — Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30091 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 7CVE-2024-30088 – Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
https://notcve.org/view.php?id=CVE-2024-30088
11 Jun 2024 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of NtQueryInformationToken. The issue results from the lack of proper locking when performing ope... • https://packetstorm.news/files/id/179642 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30087 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30087
11 Jun 2024 — Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of proper input validation. An attacker can leverage this vulnerability to escala... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30087 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30086 – Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30086
11 Jun 2024 — Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del subsistema kernel de Windows Win32 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within DirectComposition. The issue results from the lack of validating the existence of a... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30086 • CWE-416: Use After Free •