CVSS: 8.4EPSS: 30%CPEs: 5EXPL: 1CVE-2024-6769 – Medium to High Integrity Privilege Escalation in Microsoft Windows
https://notcve.org/view.php?id=CVE-2024-6769
26 Sep 2024 — A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. • https://github.com/fortra/CVE-2024-6769 • CWE-426: Untrusted Search Path •
CVSS: 6.8EPSS: 42%CPEs: 5EXPL: 2CVE-2024-6768 – Denial of Service in CLFS.sys
https://notcve.org/view.php?id=CVE-2024-6768
12 Aug 2024 — A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. • https://packetstorm.news/files/id/180132 • CWE-1284: Improper Validation of Specified Quantity in Input •