CVSS: 6.8EPSS: 0%CPEs: 22EXPL: 0CVE-2024-20664 – Microsoft Message Queuing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20664
09 Jan 2024 — Microsoft Message Queuing Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Message Queue Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20664 • CWE-822: Untrusted Pointer Dereference •
CVSS: 6.8EPSS: 0%CPEs: 22EXPL: 0CVE-2024-20663 – Windows Message Queuing Client (MSMQC) Information Disclosure
https://notcve.org/view.php?id=CVE-2024-20663
09 Jan 2024 — Windows Message Queuing Client (MSMQC) Information Disclosure Divulgación de información de Message Queuing Client (MSMQC) de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20663 • CWE-822: Untrusted Pointer Dereference •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-20662 – Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20662
09 Jan 2024 — Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Online Certificate Status Protocol (OCSP) de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20662 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2024-20661 – Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20661
09 Jan 2024 — Microsoft Message Queuing Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de Microsoft Message Queuing Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20661 • CWE-400: Uncontrolled Resource Consumption CWE-476: NULL Pointer Dereference •
CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0CVE-2024-20660 – Microsoft Message Queuing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20660
09 Jan 2024 — Microsoft Message Queuing Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Message Queue Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20660 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-20655 – Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20655
09 Jan 2024 — Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Online Certificate Status Protocol (OCSP) de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20655 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2024-20653 – Microsoft Common Log File System Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-20653
09 Jan 2024 — Microsoft Common Log File System Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del sistema de archivos de registro común de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20653 • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2024-20652 – Windows HTML Platforms Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-20652
09 Jan 2024 — Windows HTML Platforms Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad de plataformas HTML de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20652 • CWE-73: External Control of File Name or Path •
CVSS: 10.0EPSS: 0%CPEs: 75EXPL: 0CVE-2024-0057 – NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-0057
09 Jan 2024 — NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability Vulnerabididad en NET, .NET Framework y Visual Studio Security Feature Bypass A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw. An attacker could present an arbitrary untrusted certificate with malformed signatures, triggering a bug in the framework. The framework will correctly repor... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 • CWE-20: Improper Input Validation CWE-295: Improper Certificate Validation •
CVSS: 8.7EPSS: 0%CPEs: 77EXPL: 0CVE-2024-0056 – Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-0056
09 Jan 2024 — Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad del proveedor de datos SQL de Microsoft.Data.SqlClient y System.Data.SqlClient A vulnerability was found in the .NET Framework. This vulnerability exists in the Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data provider where an attackercan perform an AiTM (adversary-in-the-middle) attack between the SQL client and the SQL server. This ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056 • CWE-319: Cleartext Transmission of Sensitive Information CWE-420: Unprotected Alternate Channel •