CVSS: 8.7EPSS: 0%CPEs: 77EXPL: 0CVE-2024-0056 – Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-0056
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad del proveedor de datos SQL de Microsoft.Data.SqlClient y System.Data.SqlClient A vulnerability was found in the .NET Framework. This vulnerability exists in the Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data provider where an attackercan perform an AiTM (adversary-in-the-middle) attack between the SQL client and the SQL server. This may allow the attacker to steal authentication credentials intended for the database server, even if the connection is established over an encrypted channel like TLS. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056 https://access.redhat.com/security/cve/CVE-2024-0056 https://bugzilla.redhat.com/show_bug.cgi?id=2255384 • CWE-319: Cleartext Transmission of Sensitive Information CWE-420: Unprotected Alternate Channel •
CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 0CVE-2024-21313 – Windows TCP/IP Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21313
Windows TCP/IP Information Disclosure Vulnerability Vulnerabilidad de divulgación de información TCP/IP de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21313 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-21307 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21307
Remote Desktop Client Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del cliente de escritorio remoto • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21307 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 1CVE-2024-21305 – Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-21305
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad de Hypervisor-Protected Code Integrity (HVCI) • https://github.com/tandasat/CVE-2024-21305 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21305 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2024-20700 – Windows Hyper-V Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20700
Windows Hyper-V Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Windows Hyper-V • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20700 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •