CVSS: 6.8EPSS: 3%CPEs: 20EXPL: 0CVE-2024-20660 – Microsoft Message Queuing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20660
09 Jan 2024 — Microsoft Message Queuing Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Message Queue Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20660 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-20655 – Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20655
09 Jan 2024 — Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Online Certificate Status Protocol (OCSP) de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20655 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 5%CPEs: 26EXPL: 0CVE-2024-20653 – Microsoft Common Log File System Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-20653
09 Jan 2024 — Microsoft Common Log File System Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del sistema de archivos de registro común de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20653 • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 2%CPEs: 26EXPL: 0CVE-2024-20652 – Windows HTML Platforms Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-20652
09 Jan 2024 — Windows HTML Platforms Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad de plataformas HTML de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20652 • CWE-73: External Control of File Name or Path •
CVSS: 10.0EPSS: 2%CPEs: 75EXPL: 0CVE-2024-0057 – NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-0057
09 Jan 2024 — NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability Vulnerabididad en NET, .NET Framework y Visual Studio Security Feature Bypass A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw. An attacker could present an arbitrary untrusted certificate with malformed signatures, triggering a bug in the framework. The framework will correctly repor... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 • CWE-20: Improper Input Validation CWE-295: Improper Certificate Validation •
CVSS: 8.7EPSS: 0%CPEs: 77EXPL: 0CVE-2024-0056 – Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-0056
09 Jan 2024 — Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad del proveedor de datos SQL de Microsoft.Data.SqlClient y System.Data.SqlClient A vulnerability was found in the .NET Framework. This vulnerability exists in the Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data provider where an attackercan perform an AiTM (adversary-in-the-middle) attack between the SQL client and the SQL server. This ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056 • CWE-319: Cleartext Transmission of Sensitive Information CWE-420: Unprotected Alternate Channel •
CVSS: 5.4EPSS: 0%CPEs: 16EXPL: 0CVE-2024-21313 – Windows TCP/IP Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21313
09 Jan 2024 — Windows TCP/IP Information Disclosure Vulnerability Vulnerabilidad de divulgación de información TCP/IP de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21313 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.6EPSS: 0%CPEs: 14EXPL: 0CVE-2024-21307 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21307
09 Jan 2024 — Remote Desktop Client Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del cliente de escritorio remoto • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21307 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 4.7EPSS: 0%CPEs: 19EXPL: 0CVE-2024-20691 – Windows Themes Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20691
09 Jan 2024 — Windows Themes Information Disclosure Vulnerability Vulnerabilidad de divulgación de información en temas de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20691 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 7%CPEs: 20EXPL: 0CVE-2024-20683 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-20683
09 Jan 2024 — Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20683 • CWE-416: Use After Free •