CVSS: 8.4EPSS: 30%CPEs: 5EXPL: 1CVE-2024-6769 – Medium to High Integrity Privilege Escalation in Microsoft Windows
https://notcve.org/view.php?id=CVE-2024-6769
26 Sep 2024 — A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. • https://github.com/fortra/CVE-2024-6769 • CWE-426: Untrusted Search Path •
CVSS: 6.8EPSS: 42%CPEs: 5EXPL: 2CVE-2024-6768 – Denial of Service in CLFS.sys
https://notcve.org/view.php?id=CVE-2024-6768
12 Aug 2024 — A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. • https://packetstorm.news/files/id/180132 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38105 – Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38105
09 Jul 2024 — Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del controlador de Windows Layer-2 Bridge Network • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38105 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38101 – Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38101
09 Jul 2024 — Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del controlador de Windows Layer-2 Bridge Network • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38101 • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 2%CPEs: 8EXPL: 0CVE-2024-38099 – Windows Remote Desktop Licensing Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38099
09 Jul 2024 — Windows Remote Desktop Licensing Service Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servicio Windows Remote Desktop Licensing • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38099 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-38070 – Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-38070
09 Jul 2024 — Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad de Windows LockDown Policy (WLDP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38070 • CWE-693: Protection Mechanism Failure •
CVSS: 7.0EPSS: 0%CPEs: 12EXPL: 0CVE-2024-38069 – Windows Enroll Engine Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-38069
09 Jul 2024 — Windows Enroll Engine Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad Windows Enroll Engine • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38069 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.8EPSS: 17%CPEs: 16EXPL: 0CVE-2024-38068 – Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38068
09 Jul 2024 — Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servidor de Windows Online Certificate Status Protocol (OCSP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38068 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 17%CPEs: 8EXPL: 0CVE-2024-38067 – Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38067
09 Jul 2024 — Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servidor de Windows Online Certificate Status Protocol (OCSP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38067 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38066 – Windows Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38066
09 Jul 2024 — Windows Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Win32k This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of validating the existence of an object prior to performing oper... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38066 • CWE-416: Use After Free •