CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38089 – Microsoft Defender for IoT Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38089
09 Jul 2024 — Microsoft Defender for IoT Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38089 • CWE-269: Improper Privilege Management •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29054 – Microsoft Defender for IoT Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-29054
09 Apr 2024 — Microsoft Defender for IoT Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Defender para IoT • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29054 • CWE-284: Improper Access Control •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29055 – Microsoft Defender for IoT Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-29055
09 Apr 2024 — Microsoft Defender for IoT Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Defender para IoT • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29055 • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29053 – Microsoft Defender for IoT Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-29053
09 Apr 2024 — Microsoft Defender for IoT Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Defender para IoT • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29053 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-36: Absolute Path Traversal •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21324 – Microsoft Defender for IoT Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21324
09 Apr 2024 — Microsoft Defender for IoT Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Defender para IoT • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21324 • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21323 – Microsoft Defender for IoT Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21323
09 Apr 2024 — Microsoft Defender for IoT Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Defender para IoT • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21323 • CWE-36: Absolute Path Traversal •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21322 – Microsoft Defender for IoT Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21322
09 Apr 2024 — Microsoft Defender for IoT Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Defender para IoT • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21322 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 80%CPEs: 444EXPL: 14CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23379 – Microsoft Defender for IoT Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-23379
14 Feb 2023 — Microsoft Defender for IoT Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23379 • CWE-23: Relative Path Traversal •
CVSS: 8.8EPSS: 4%CPEs: 1EXPL: 0CVE-2022-23265 – Microsoft Defender for IoT Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-23265
09 Mar 2022 — Microsoft Defender for IoT Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Defender for IoT This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Azure Defender for IoT. An attacker must first obtain the ability to execute code as the www-data user on the target system in order to exploit this vulnerability. The specific flaw exists within the password change mechanism. The issue results from the lack of prop... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23265 •