CVE-2024-38227 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38227
Microsoft SharePoint Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38227 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-43467 – Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43467
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43467 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2024-43464 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43464
Microsoft SharePoint Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43464 • CWE-502: Deserialization of Untrusted Data •
CVE-2024-43463 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43463
Microsoft Office Visio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43463 • CWE-416: Use After Free •
CVE-2024-38249 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38249
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38249 • CWE-416: Use After Free •