CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 1CVE-2024-6769 – Medium to High Integrity Privilege Escalation in Microsoft Windows
https://notcve.org/view.php?id=CVE-2024-6769
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. • https://github.com/fortra/CVE-2024-6769 https://www.fortra.com/security/advisories/research/fr-2024-002 • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2024-30073 – Windows Security Zone Mapping Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-30073
Windows Security Zone Mapping Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30073 • CWE-41: Improper Resolution of Path Equivalence •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-43455 – Windows Remote Desktop Licensing Service Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2024-43455
Windows Remote Desktop Licensing Service Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43455 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2024-43454 – Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43454
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43454 • CWE-23: Relative Path Traversal •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2024-38119 – Windows Network Address Translation (NAT) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38119
Windows Network Address Translation (NAT) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38119 • CWE-416: Use After Free •