Published on Apr 9, 2024 • Last updated on Nov 15, 2024
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
Exploit
A critical elevation of privilege vulnerability in Azure Kubernetes Service Confidential Container allows unauthenticated attackers to access untrusted AKS nodes and take control of confidential guests and containers, despite requiring complex exploitation preparations. The vulnerability enables attackers to move workloads to attacker-controlled machines with root access, potentially leading to credential theft and compromise of resources beyond the AKSCC security scope. Given the high impact on confidentiality, integrity, and availability, combined with the ability to breach containment boundaries, this vulnerability poses a significant risk to confidential computing environments even though it requires sophisticated attack preparation.
Microsoft Defender for IoT Remote Code Execution Vulnerability
Exploit
A path traversal vulnerability in Microsoft Defender for IoT enables authenticated attackers to exploit the update package mechanism by sending malicious tar files, potentially leading to arbitrary file overwrite capabilities. The vulnerability requires low-privilege network access but no user interaction, and if successfully exploited, could result in complete compromise of system confidentiality, integrity, and availability through remote code execution. The critical nature of Defender for IoT in protecting operational technology environments makes this vulnerability particularly concerning for industrial and infrastructure security.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) enables remote code execution when an unauthorized attacker tricks a user into connecting to a malicious server. The exploitation results in high-severity impacts across confidentiality, integrity, and availability of the affected system, potentially allowing complete compromise of the client machine despite requiring user interaction. Given the critical nature of RRAS in network infrastructure and the potential for complete system compromise with no privileges required, this vulnerability represents a significant risk to organizations using the affected service.
This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<br/>The specific flaw exists within the handling of Internet Shortcut (.URL) files. The issue results from the lack of a security check on chained Internet Shortcut files. An attacker can leverage this vulnerability to execute code in the context of the current user.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988</a> <br/></td>
Exploit
A Windows SmartScreen security feature bypass vulnerability exists in the handling of Internet Shortcut (.URL) files, allowing remote attackers to execute arbitrary code by exploiting insufficient security checks on chained Internet Shortcut files. While user interaction is required through opening a malicious file or visiting a compromised webpage, successful exploitation enables code execution in the context of the current user, potentially leading to complete system compromise with high impacts on confidentiality, integrity, and availability. The vulnerability is particularly concerning as it is being actively exploited in the wild by multiple threat actors and malware families, with proof-of-concept exploits publicly available.
Remote Procedure Call Runtime Remote Code Execution Vulnerability
A Remote Procedure Call (RPC) Runtime vulnerability allows authenticated attackers to execute remote code by sending specially crafted RPC calls to an RPC host, requiring only low-level privileges for exploitation. The type confusion flaw can lead to complete system compromise with the same permissions as the RPC service, potentially resulting in high-severity impacts to system confidentiality, integrity, and availability. Given the low attack complexity, network-based attack vector, and no required user interaction, this vulnerability presents a significant risk to organizations running affected RPC services.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) enables remote code execution when an attacker sets up a malicious server and waits for a client connection. While the attack requires user interaction to initiate the connection, it can lead to complete system compromise with high impacts on confidentiality, integrity, and availability since the exploit requires no privileges and has low attack complexity.
Proxy Driver Spoofing Vulnerability
Exploit
A proxy driver spoofing vulnerability allows attackers with high privileges to execute arbitrary code by exploiting improper access controls in Windows systems. Successful exploitation enables complete system compromise, allowing attackers to install programs, modify or delete data, and create new user accounts with full privileges, making this a significant threat to system integrity and confidentiality. Given the vulnerability has been observed being exploited in the wild and affects core Windows functionality, immediate attention is warranted despite the requirement for high privileges to exploit.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows an unauthenticated attacker to achieve remote code execution when a client connects to a malicious server. While the attack requires user interaction to initiate the connection, successful exploitation grants the attacker high-severity impacts across confidentiality, integrity, and availability of the affected system, making it a significant threat despite requiring user interaction.
Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability
A heap-based buffer overflow vulnerability in the Windows Data Access Components SQL Server ODBC Driver allows remote code execution when an authenticated user connects to a malicious SQL server through ODBC/OLEDB drivers. An attacker can achieve full system compromise with high impact on confidentiality, integrity, and availability by tricking users into connecting to a crafted malicious database server, executing arbitrary code in the context of the SQL client application. The severity of this vulnerability is heightened by its low attack complexity and the lack of required privileges, making it an attractive target for attackers seeking to gain unauthorized system access.
Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability
A remote code execution vulnerability in Microsoft's WDAC OLE DB Provider for SQL Server allows attackers to execute arbitrary code by tricking authenticated users into connecting to a malicious SQL server via OLEDB. The critical nature of this heap-based buffer overflow vulnerability is heightened by its low attack complexity and the fact that it can lead to complete system compromise, potentially giving attackers full control over affected systems with high impacts on confidentiality, integrity, and availability. Given the widespread use of Microsoft SQL Server in enterprise environments and the relatively simple exploitation path requiring only user interaction, this vulnerability represents a significant risk to organizational security.
CVE ID | CVSS Score | Product | Trend | Exploit |
---|---|---|---|---|
CVE-2024-29993Azure CycleCloud Elevation of Privilege Vulnerability | CVSS 8.8 | azure_cyclecloud | - | |
CVE-2024-29992Azure Identity Library for .NET Information Disclosure Vulnerability | CVSS 5.5 | robotic_process_automation | - | |
CVE-2024-29991This vulnerability allows remote attackers to bypass the Mark-Of-The-Web security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<br/>The specific flaw exists within the handling of .MHT files. The issue results from the lack of a security check on .MHT files located in shared folders. An attacker can leverage this vulnerability to execute code in the context of the current user.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29991">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29991</a> <br/></td> | CVSS 5 | edge | - | |
CVE-2024-29990Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | CVSS 9 | azure_kubernetes_service | Apr 15, 2024 | |
CVE-2024-29989Azure Monitor Agent Elevation of Privilege Vulnerability | CVSS 8.4 | azure_monitor_agent | - | |
CVE-2024-29988This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<br/>The specific flaw exists within the handling of Internet Shortcut (.URL) files. The issue results from the lack of a security check on chained Internet Shortcut files. An attacker can leverage this vulnerability to execute code in the context of the current user.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988</a> <br/></td> | CVSS 8.8 | windows_10_1809 | Apr 9, 2024 | |
CVE-2024-29987Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | CVSS 6.5 | edge | - | |
CVE-2024-29986Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability | CVSS 5.4 | edge | - | |
CVE-2024-29985Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-29984Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-29983Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-29982Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-29981Microsoft Edge (Chromium-based) Spoofing Vulnerability | CVSS 4.3 | edge | - | |
CVE-2024-29066Windows Distributed File System (DFS) Remote Code Execution Vulnerability | CVSS 7.2 | - | - | |
CVE-2024-29064Windows Hyper-V Denial of Service Vulnerability | CVSS 6.2 | - | - | |
CVE-2024-29063Azure AI Search Information Disclosure Vulnerability | CVSS 7.3 | - | - | |
CVE-2024-29062Secure Boot Security Feature Bypass Vulnerability | CVSS 7.1 | windows_10_1507 | - | |
CVE-2024-29061Secure Boot Security Feature Bypass Vulnerability | CVSS 7.8 | windows_10_1507 | - | |
CVE-2024-29056Windows Authentication Elevation of Privilege Vulnerability | CVSS 4.3 | windows_server_2008 | - | |
CVE-2024-29055Microsoft Defender for IoT Elevation of Privilege Vulnerability | CVSS 7.2 | defender_for_iot | - | |
CVE-2024-29054Microsoft Defender for IoT Elevation of Privilege Vulnerability | CVSS 7.2 | defender_for_iot | - | |
CVE-2024-29053Microsoft Defender for IoT Remote Code Execution Vulnerability | CVSS 8.8 | defender_for_iot | Apr 9, 2024 | |
CVE-2024-29052Windows Storage Elevation of Privilege Vulnerability | CVSS 7.8 | windows_10_21h2 | - | |
CVE-2024-29050Windows Cryptographic Services Remote Code Execution Vulnerability | CVSS 8.4 | windows | - | |
CVE-2024-29049Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability | CVSS 4.1 | edge | - | |
CVE-2024-29048Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-29047Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-29046Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-29045Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 7.5 | ole_db_driver_for_sql_server | - | |
CVE-2024-29044Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-29043Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28945Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28944Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28943Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28942Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28941Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28940Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28939Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28938Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28937Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28936Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28935Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28934Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28933Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28932Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28931Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28930Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28929Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | odbc_driver_for_sql_server | - | |
CVE-2024-28927Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28926Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28925Secure Boot Security Feature Bypass Vulnerability | CVSS 8 | windows | - | |
CVE-2024-28924Secure Boot Security Feature Bypass Vulnerability | CVSS 6.7 | windows | - | |
CVE-2024-28923Secure Boot Security Feature Bypass Vulnerability | CVSS 6.4 | - | - | |
CVE-2024-28922Secure Boot Security Feature Bypass Vulnerability | CVSS 4.1 | - | - | |
CVE-2024-28921Secure Boot Security Feature Bypass Vulnerability | CVSS 6.7 | - | - | |
CVE-2024-28920Secure Boot Security Feature Bypass Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-28919Secure Boot Security Feature Bypass Vulnerability | CVSS 6.7 | - | - | |
CVE-2024-28917Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability | CVSS 6.2 | azure_arc-enabled_kubernetes | - | |
CVE-2024-28915Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28914Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28913Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28912Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28911Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28910Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28909Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28908Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28907Microsoft Brokering File System Elevation of Privilege Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-28906Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | ole_db_driver_for_sql_server | - | |
CVE-2024-28905Microsoft Brokering File System Elevation of Privilege Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-28904Microsoft Brokering File System Elevation of Privilege Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-28903Secure Boot Security Feature Bypass Vulnerability | CVSS 6.7 | - | - | |
CVE-2024-28902Windows Remote Access Connection Manager Information Disclosure Vulnerability | CVSS 5.5 | - | - | |
CVE-2024-28901Windows Remote Access Connection Manager Information Disclosure Vulnerability | CVSS 5.5 | - | - | |
CVE-2024-28900Windows Remote Access Connection Manager Information Disclosure Vulnerability | CVSS 5.5 | - | - | |
CVE-2024-28898Secure Boot Security Feature Bypass Vulnerability | CVSS 6.3 | windows | - | |
CVE-2024-28897Secure Boot Security Feature Bypass Vulnerability | CVSS 6.8 | - | - | |
CVE-2024-28896Secure Boot Security Feature Bypass Vulnerability | CVSS 7.5 | - | - | |
CVE-2024-26257Microsoft Excel Remote Code Execution Vulnerability | CVSS 7.8 | excel | - | |
CVE-2024-26256libarchive Remote Code Execution Vulnerability | CVSS 7.8 | libarchive | - | |
CVE-2024-26255Windows Remote Access Connection Manager Information Disclosure Vulnerability | CVSS 5.5 | - | - | |
CVE-2024-26254Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability | CVSS 7.5 | - | - | |
CVE-2024-26253Windows rndismp6.sys Remote Code Execution Vulnerability | CVSS 6.8 | windows | - | |
CVE-2024-26252Windows rndismp6.sys Remote Code Execution Vulnerability | CVSS 6.8 | windows | - | |
CVE-2024-26251Microsoft SharePoint Server Spoofing Vulnerability | CVSS 6.8 | sharepoint_server | - | |
CVE-2024-26250Secure Boot Security Feature Bypass Vulnerability | CVSS 6.7 | - | - | |
CVE-2024-26248Windows Kerberos Elevation of Privilege Vulnerability | CVSS 7.5 | - | - | |
CVE-2024-26245Windows SMB Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-26244Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | windows_data_access_components | - | |
CVE-2024-26243Windows USB Print Driver Elevation of Privilege Vulnerability | CVSS 7 | Windows | - | |
CVE-2024-26242Windows Telephony Server Elevation of Privilege Vulnerability | CVSS 7 | - | - | |
CVE-2024-26241Win32k Elevation of Privilege Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-26240Secure Boot Security Feature Bypass Vulnerability | CVSS 8 | - | - | |
CVE-2024-26239Windows Telephony Server Elevation of Privilege Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-26237Windows Defender Credential Guard Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-26236Windows Update Stack Elevation of Privilege Vulnerability | CVSS 7 | windows | - | |
CVE-2024-26235Windows Update Stack Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-26234Proxy Driver Spoofing Vulnerability | CVSS 6.7 | windows | Apr 9, 2024 | |
CVE-2024-26233Windows DNS Server Remote Code Execution Vulnerability | CVSS 7.2 | - | - | |
CVE-2024-26232Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | CVSS 7.3 | message_queuing | - | |
CVE-2024-26231Windows DNS Server Remote Code Execution Vulnerability | CVSS 7.2 | - | - | |
CVE-2024-26230Windows Telephony Server Elevation of Privilege Vulnerability | CVSS 7.8 | - | Apr 13, 2024 | |
CVE-2024-26229Windows CSC Service Elevation of Privilege Vulnerability | CVSS 7.8 | windows | Jun 11, 2024 | |
CVE-2024-26228Windows Cryptographic Services Security Feature Bypass Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-26227Windows DNS Server Remote Code Execution Vulnerability | CVSS 7.2 | - | - | |
CVE-2024-26226Windows Distributed File System (DFS) Information Disclosure Vulnerability | CVSS 6.5 | - | - | |
CVE-2024-26224Windows DNS Server Remote Code Execution Vulnerability | CVSS 7.2 | - | - | |
CVE-2024-26223Windows DNS Server Remote Code Execution Vulnerability | CVSS 7.2 | - | - | |
CVE-2024-26222Windows DNS Server Remote Code Execution Vulnerability | CVSS 7.2 | - | - | |
CVE-2024-26221Windows DNS Server Remote Code Execution Vulnerability | CVSS 7.2 | - | - | |
CVE-2024-26220Windows Mobile Hotspot Information Disclosure Vulnerability | CVSS 5 | windows_mobile | - | |
CVE-2024-26219HTTP.sys Denial of Service Vulnerability | CVSS 7.5 | - | - | |
CVE-2024-26218Windows Kernel Elevation of Privilege Vulnerability | CVSS 7.8 | - | Apr 26, 2024 | |
CVE-2024-26217Windows Remote Access Connection Manager Information Disclosure Vulnerability | CVSS 5.5 | - | - | |
CVE-2024-26216Windows File Server Resource Management Service Elevation of Privilege Vulnerability | CVSS 7.3 | windows | - | |
CVE-2024-26215DHCP Server Service Denial of Service Vulnerability | CVSS 7.5 | dhcp | - | |
CVE-2024-26214Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability | CVSS 8.8 | windows_data_access_components | - | |
CVE-2024-26213Microsoft Brokering File System Elevation of Privilege Vulnerability | CVSS 7 | - | - | |
CVE-2024-26212DHCP Server Service Denial of Service Vulnerability | CVSS 7.5 | dhcp | - | |
CVE-2024-26211Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-26210Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | windows_data_access_components | - | |
CVE-2024-26209Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | CVSS 5.5 | - | - | |
CVE-2024-26208Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | CVSS 7.2 | message_queuing | - | |
CVE-2024-26207Windows Remote Access Connection Manager Information Disclosure Vulnerability | CVSS 5.5 | - | - | |
CVE-2024-26205Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | - | - | |
CVE-2024-26202DHCP Server Service Remote Code Execution Vulnerability | CVSS 7.2 | dhcp | - | |
CVE-2024-26200Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | - | - | |
CVE-2024-26195DHCP Server Service Remote Code Execution Vulnerability | CVSS 7.2 | dhcp | - | |
CVE-2024-26194Secure Boot Security Feature Bypass Vulnerability | CVSS 7.4 | - | - | |
CVE-2024-26193Azure Migrate Remote Code Execution Vulnerability | CVSS 6.4 | - | - | |
CVE-2024-26189Secure Boot Security Feature Bypass Vulnerability | CVSS 8 | - | - | |
CVE-2024-26183Windows Kerberos Denial of Service Vulnerability | CVSS 6.5 | windows | - | |
CVE-2024-26180Secure Boot Security Feature Bypass Vulnerability | CVSS 8 | windows | - | |
CVE-2024-26179Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | - | - | |
CVE-2024-26175Secure Boot Security Feature Bypass Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-26172Windows DWM Core Library Information Disclosure Vulnerability | CVSS 5.5 | - | - | |
CVE-2024-26171Secure Boot Security Feature Bypass Vulnerability | CVSS 6.7 | - | - | |
CVE-2024-26168Secure Boot Security Feature Bypass Vulnerability | CVSS 6.8 | - | - | |
CVE-2024-26158This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the Windows Installer service. By creating a symbolic link, an attacker can abuse the service to write arbitrary registry values. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158</a> <br/></td> | CVSS 7.8 | - | - | |
CVE-2024-21447Windows Authentication Elevation of Privilege Vulnerability | CVSS 7.8 | - | - | |
CVE-2024-21424Azure Compute Gallery Elevation of Privilege Vulnerability | CVSS 6.5 | - | - | |
CVE-2024-21409Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 ,and .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A use-after-free vulnerability exists in WPF which may result in Elevation of Privilege when viewing untrusted documents. This is a Windows only vulnerability. | CVSS 7.3 | net | - | |
CVE-2024-21324Microsoft Defender for IoT Elevation of Privilege Vulnerability | CVSS 7.2 | defender_for_iot | - | |
CVE-2024-21323Microsoft Defender for IoT Remote Code Execution Vulnerability | CVSS 8.8 | defender_for_iot | Apr 11, 2024 | |
CVE-2024-21322Microsoft Defender for IoT Remote Code Execution Vulnerability | CVSS 7.2 | defender_for_iot | Apr 11, 2024 | |
CVE-2024-20693Windows Kernel Elevation of Privilege Vulnerability | CVSS 7.8 | services | - | |
CVE-2024-20689Secure Boot Security Feature Bypass Vulnerability | CVSS 7.1 | windows_server_2012 | - | |
CVE-2024-20688Secure Boot Security Feature Bypass Vulnerability | CVSS 7.1 | windows_server_2012 | - | |
CVE-2024-20685This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Azure Private 5G Core. Authentication is not required to exploit this vulnerability.<br/>The specific flaw exists within the handling of InitialUEMessage messages. The issue results from improper length validation. An attacker can leverage this vulnerability to create a denial-of-service condition on the 5G network.<br/> Microsoft has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20685">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20685</a> <br/></td> | CVSS 5.9 | udp | - | |
CVE-2024-20678Remote Procedure Call Runtime Remote Code Execution Vulnerability | CVSS 8.8 | - | - | |
CVE-2024-20670Outlook for Windows Spoofing Vulnerability | CVSS 8.1 | - | - | |
CVE-2024-20669Secure Boot Security Feature Bypass Vulnerability | CVSS 6.7 | - | - | |
CVE-2024-20665BitLocker Security Feature Bypass Vulnerability | CVSS 6.1 | bitlocker | - |