CVSS: 10.0EPSS: 0%CPEs: 21EXPL: 0CVE-2024-21349 – Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21349
13 Feb 2024 — Microsoft ActiveX Data Objects Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de objetos de datos ActiveX de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21349 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.9EPSS: 0%CPEs: 16EXPL: 0CVE-2024-21340 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21340
13 Feb 2024 — Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21340 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1CVE-2024-21320 – Windows Themes Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-21320
09 Jan 2024 — Windows Themes Spoofing Vulnerability Vulnerabilidad de suplantación de temas de Windows • https://github.com/sxyrxyy/CVE-2024-21320-POC • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-21314 – Microsoft Message Queuing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21314
09 Jan 2024 — Microsoft Message Queuing Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Message Queue Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21314 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-21311 – Windows Cryptographic Services Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21311
09 Jan 2024 — Windows Cryptographic Services Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de servicios criptográficos de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21311 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-20692 – Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20692
09 Jan 2024 — Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del servicio del subsistema de la autoridad de seguridad local de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20692 • CWE-326: Inadequate Encryption Strength CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.4EPSS: 0%CPEs: 16EXPL: 0CVE-2024-21313 – Windows TCP/IP Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21313
09 Jan 2024 — Windows TCP/IP Information Disclosure Vulnerability Vulnerabilidad de divulgación de información TCP/IP de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21313 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.6EPSS: 0%CPEs: 14EXPL: 0CVE-2024-21307 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21307
09 Jan 2024 — Remote Desktop Client Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del cliente de escritorio remoto • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21307 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2024-20694 – Windows CoreMessaging Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20694
09 Jan 2024 — Windows CoreMessaging Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Windows CoreMessaging • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20694 • CWE-668: Exposure of Resource to Wrong Sphere CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 84EXPL: 0CVE-2023-20588 – Speculative Leaks
https://notcve.org/view.php?id=CVE-2023-20588
08 Aug 2023 — A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Un error de división por cero en algunos procesadores AMD puede potencialmente devolver datos especulativos que resulten en una pérdida de confidencialidad. It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device ... • http://www.openwall.com/lists/oss-security/2023/09/25/3 • CWE-369: Divide By Zero •