CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-20690 – Windows Nearby Sharing Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-20690
09 Jan 2024 — Windows Nearby Sharing Spoofing Vulnerability Vulnerabilidad de Nearby Sharing Spoofing de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20690 • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2024-20683 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-20683
09 Jan 2024 — Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20683 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2024-20682 – Windows Cryptographic Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20682
09 Jan 2024 — Windows Cryptographic Services Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de los servicios criptográficos de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20682 • CWE-822: Untrusted Pointer Dereference •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2024-20680 – Windows Message Queuing Client (MSMQC) Information Disclosure
https://notcve.org/view.php?id=CVE-2024-20680
09 Jan 2024 — Windows Message Queuing Client (MSMQC) Information Disclosure Divulgación de información de Message Queuing Client (MSMQC) de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20680 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2024-20658 – Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-20658
09 Jan 2024 — Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del disco duro virtual de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20658 • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-20657 – Windows Group Policy Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-20657
09 Jan 2024 — Windows Group Policy Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en la política de grupo de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20657 • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-20654 – Microsoft ODBC Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20654
09 Jan 2024 — Microsoft ODBC Driver Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del controlador ODBC de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20654 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-20674 – Windows Kerberos Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-20674
09 Jan 2024 — Windows Kerberos Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad Kerberos de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20674 • CWE-290: Authentication Bypass by Spoofing CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 3CVE-2024-20666 – BitLocker Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-20666
09 Jan 2024 — BitLocker Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad de BitLocker • https://github.com/invaderslabs/CVE-2024-20666 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-0206
https://notcve.org/view.php?id=CVE-2024-0206
09 Jan 2024 — A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files Una vulnerabilidad de manipulación de enlaces simbólicos en Trellix Anti-Malwa... • https://kcm.trellix.com/corporate/index?page=content&id=SB10415 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •