CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-6746 – NaiboWang EasySpider HTTP GET Request server.js path traversal
https://notcve.org/view.php?id=CVE-2024-6746
A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: '../filedir'. • https://github.com/NaiboWang/EasySpider/issues/466 https://vuldb.com/?ctiid.271477 https://vuldb.com/?id.271477 https://vuldb.com/?submit.371998 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-24: Path Traversal: '../filedir' •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-21417 – Windows Text Services Framework Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21417
Windows Text Services Framework Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Text Services Framework • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21417 • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38105 – Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38105
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del controlador de Windows Layer-2 Bridge Network • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38105 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38101 – Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38101
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del controlador de Windows Layer-2 Bridge Network • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38101 • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38099 – Windows Remote Desktop Licensing Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38099
Windows Remote Desktop Licensing Service Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servicio Windows Remote Desktop Licensing • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38099 • CWE-287: Improper Authentication •