CVSS: 5.3EPSS: 0%CPEs: 17EXPL: 0CVE-2024-35270 – Windows iSCSI Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-35270
Windows iSCSI Service Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servicio Windows iSCSI • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35270 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2024-30098 – Windows Cryptographic Services Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-30098
Windows Cryptographic Services Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad de los servicios criptográficos de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30098 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0CVE-2024-30081 – Windows NTLM Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-30081
Windows NTLM Spoofing Vulnerability Vulnerabilidad de suplantación de Windows NTLM • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30081 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-28899 – Secure Boot Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-28899
Secure Boot Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad de arranque seguro • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28899 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 10%CPEs: 4EXPL: 5CVE-2024-36991 – Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows
https://notcve.org/view.php?id=CVE-2024-36991
In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. En las versiones de Splunk Enterprise en Windows inferiores a 9.2.2, 9.1.5 y 9.0.10, un atacante podría realizar un path traversal en el endpoint /modules/messaging/ en Splunk Enterprise en Windows. Esta vulnerabilidad solo debería afectar a Splunk Enterprise en Windows. • https://github.com/bigb0x/CVE-2024-36991 https://github.com/Mr-xn/CVE-2024-36991 https://github.com/th3gokul/CVE-2024-36991 https://github.com/Cappricio-Securities/CVE-2024-36991 https://github.com/sardine-web/CVE-2024-36991 https://advisory.splunk.com/advisories/SVD-2024-0711 https://research.splunk.com/application/e7c2b064-524e-4d65-8002-efce808567aa • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-35: Path Traversal: '.../ •