CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-28899 – Secure Boot Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-28899
Secure Boot Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad de arranque seguro • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28899 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33881
https://notcve.org/view.php?id=CVE-2024-33881
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter. Se descubrió un problema en VirtoSoftware Virto Bulk File Download 5.5.44 para SharePoint 2019. El método Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted permite una fuga de hash NTLMv2 a través de un nombre de ruta compartido UNC en el parámetro de ruta. • https://docs.virtosoftware.com/v/virto-security-frequently-asked-questions-faq https://download.virtosoftware.com/Manuals/nu_ncsc_virto_one_bulk_file_download_v5.4.4_pt_disclosure.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-35265 – Windows Perception Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-35265
Windows Perception Service Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del servicio de percepción de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35265 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-30100 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30100
Microsoft SharePoint Server Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft SharePoint Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30100 • CWE-426: Untrusted Search Path •
CVSS: 7.0EPSS: 0%CPEs: 16EXPL: 0CVE-2024-30099 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30099
Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30099 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •