CVSS: 8.4EPSS: 30%CPEs: 5EXPL: 1CVE-2024-6769 – Medium to High Integrity Privilege Escalation in Microsoft Windows
https://notcve.org/view.php?id=CVE-2024-6769
26 Sep 2024 — A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. • https://github.com/fortra/CVE-2024-6769 • CWE-426: Untrusted Search Path •
CVSS: 6.8EPSS: 42%CPEs: 5EXPL: 2CVE-2024-6768 – Denial of Service in CLFS.sys
https://notcve.org/view.php?id=CVE-2024-6768
12 Aug 2024 — A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. • https://packetstorm.news/files/id/180132 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38105 – Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38105
09 Jul 2024 — Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del controlador de Windows Layer-2 Bridge Network • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38105 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-38101 – Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38101
09 Jul 2024 — Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del controlador de Windows Layer-2 Bridge Network • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38101 • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 2%CPEs: 8EXPL: 0CVE-2024-38099 – Windows Remote Desktop Licensing Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38099
09 Jul 2024 — Windows Remote Desktop Licensing Service Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servicio Windows Remote Desktop Licensing • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38099 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-38070 – Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-38070
09 Jul 2024 — Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad de Windows LockDown Policy (WLDP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38070 • CWE-693: Protection Mechanism Failure •
CVSS: 7.0EPSS: 0%CPEs: 12EXPL: 0CVE-2024-38069 – Windows Enroll Engine Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-38069
09 Jul 2024 — Windows Enroll Engine Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad Windows Enroll Engine • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38069 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.8EPSS: 17%CPEs: 16EXPL: 0CVE-2024-38068 – Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38068
09 Jul 2024 — Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servidor de Windows Online Certificate Status Protocol (OCSP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38068 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 17%CPEs: 8EXPL: 0CVE-2024-38067 – Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38067
09 Jul 2024 — Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servidor de Windows Online Certificate Status Protocol (OCSP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38067 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 0CVE-2024-38065 – Secure Boot Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-38065
09 Jul 2024 — Secure Boot Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad de arranque seguro • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38065 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •