Published on Oct 8, 2024 • Last updated on Nov 15, 2024
No attribution of malware families available at the moment.
Microsoft Management Console Remote Code Execution Vulnerability
Exploit
A critical vulnerability in Microsoft Management Console enables remote code execution through specially crafted MSC files, requiring user interaction but no elevated privileges to exploit. When successfully exploited, this flaw allows attackers to achieve complete compromise of system confidentiality, integrity, and availability with the same privileges as the user running the Management Console. Given that this vulnerability is being actively exploited in the wild and has been added to CISA's Known Exploited Vulnerabilities catalog, immediate patching is essential to prevent unauthorized code execution and potential system compromise.
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
A remote code execution vulnerability in Microsoft ActiveX Data Objects allows attackers to execute arbitrary code by tricking users into connecting to a malicious SQL database server through their SQL client application. The vulnerability can lead to complete system compromise with the same privileges as the authenticated victim, potentially exposing sensitive data, modifying system files, or disrupting system availability if the user has elevated permissions. Given the low attack complexity and high impact across confidentiality, integrity, and availability metrics, this vulnerability presents a significant risk despite requiring user interaction for successful exploitation.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
A critical remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) allows unauthenticated attackers to send specially crafted protocol messages to the RRAS server, potentially gaining complete system control. The attack scenario requires an admin user to connect to a malicious server, which can then execute arbitrary commands on the client machine without consent, potentially leading to full system compromise including unauthorized access, data manipulation, and service disruption. This vulnerability poses a significant risk to enterprise environments due to RRAS's widespread use in remote access scenarios and the minimal requirements for exploitation.
Microsoft Configuration Manager Remote Code Execution Vulnerability
This critical SQL injection vulnerability in Microsoft Configuration Manager allows unauthenticated attackers to execute arbitrary code remotely through specially crafted network requests, requiring no user interaction or special privileges. The flaw enables complete system compromise, potentially granting attackers full control over the affected server and its underlying database, with severe impacts on system confidentiality, integrity, and availability. Given the network-based attack vector and low complexity of exploitation, this vulnerability poses an immediate risk to exposed Configuration Manager installations, particularly as it can be weaponized without user involvement.
<p>Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.</p>
A critical authentication bypass vulnerability in the deprecated Visual Studio Code extension for Arduino enables unauthenticated attackers to achieve remote code execution through network-based attacks, requiring no user interaction. This severe security flaw could lead to complete system compromise, allowing attackers to gain full control over affected systems with the ability to access sensitive data, modify system configurations, and disrupt operations. Given that Microsoft has deprecated this extension and will not be issuing patches, organizations should transition to the official Arduino IDE to eliminate this security risk.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) enables remote code execution when an authenticated user connects to a malicious server, requiring no special privileges to exploit. The vulnerability allows attackers to execute arbitrary code with the same privileges as the logged-in user, potentially leading to unauthorized data access, system modification, and service disruption across multiple Windows Server versions. This serious security flaw represents a significant risk to enterprise networks given RRAS's widespread use in remote access scenarios and the low complexity of exploitation.
Windows MSHTML Platform Spoofing Vulnerability
Exploit
A critical spoofing vulnerability in the Windows MSHTML Platform enables cross-site scripting attacks through network-based vectors, requiring user interaction for exploitation. The flaw affects the platform used by Internet Explorer mode in Microsoft Edge and other applications through WebBrowser control, potentially allowing attackers to access sensitive information, hijack sessions, or conduct phishing attacks. This vulnerability is particularly concerning as it is being actively exploited in the wild and could enable attackers to present false information or impersonate trusted entities across multiple Windows versions.
Windows Netlogon Elevation of Privilege Vulnerability
A critical Windows Netlogon elevation of privilege vulnerability allows an authenticated attacker with LAN access to potentially gain domain administrator privileges by exploiting a flaw in domain controller name validation during secure channel establishment. The attack enables a scope change beyond the vulnerable component's security boundary, where an attacker can predict and impersonate a new domain controller's name, posing a severe risk of complete domain compromise through the manipulation of authentication mechanisms. This vulnerability is particularly dangerous as it requires minimal privileges to exploit, has no user interaction requirements, and could lead to a total breach of confidentiality, integrity, and availability across the entire domain infrastructure.
Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability
A local elevation of privilege vulnerability in Azure Stack Hyperconverged Infrastructure (HCI) allows attackers with basic user privileges to compromise unencrypted service principal for managed identities, enabling unauthorized service management operations in hybrid cloud environments. The attacker can gain the same privileges as the compromised managed identity, potentially leading to unauthorized access and control over resources the managed identity is permitted to manage. This vulnerability is particularly critical due to its ability to change scope, allowing an attacker to extend their reach beyond the initial compromise point and affect multiple resources within the hybrid cloud infrastructure.
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
A critical heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) enables unauthenticated attackers to achieve remote code execution through specially crafted protocol messages when users connect to a compromised server. The vulnerability allows attackers to execute arbitrary code with elevated privileges on the target system, potentially leading to full system compromise with the ability to view, modify, or delete data and create accounts with full user rights. Given the widespread deployment of RRAS in enterprise environments and the relatively low complexity of exploitation despite requiring user interaction, this vulnerability poses a significant risk to organizational security.
CVE ID | CVSS Score | Product | Trend | Exploit |
---|---|---|---|---|
CVE-2024-49023Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVSS 5.9 | edge | - | |
CVE-2024-43616Microsoft Office Remote Code Execution Vulnerability | CVSS 7.8 | 365_apps | - | |
CVE-2024-43615Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | CVSS 7.1 | windows | - | |
CVE-2024-43614Microsoft Defender for Endpoint for Linux Spoofing Vulnerability | CVSS 5.5 | defender_for_endpoint | - | |
CVE-2024-43612Power BI Report Server Spoofing Vulnerability | CVSS 6.9 | power_bi_report_server | - | |
CVE-2024-43611Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-43610<p>Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector</p>
| CVSS 7.4 | - | - | |
CVE-2024-43609Microsoft Office Spoofing Vulnerability | CVSS 6.5 | 365_apps | - | |
CVE-2024-43608Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-43607Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-43604Outlook for Android Elevation of Privilege Vulnerability | CVSS 5.7 | outlook | - | |
CVE-2024-43603Visual Studio Collector Service Denial of Service Vulnerability | CVSS 5.5 | visual_studio | - | |
CVE-2024-43601Visual Studio Code for Linux Remote Code Execution Vulnerability | CVSS 7.8 | visual_studio_code | - | |
CVE-2024-43599Remote Desktop Client Remote Code Execution Vulnerability | CVSS 8.8 | remote_desktop | - | |
CVE-2024-43596Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVSS 6.5 | edge | - | |
CVE-2024-43595Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVSS 6.5 | edge | - | |
CVE-2024-43593Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-43592Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-43591Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | CVSS 8.7 | azure-cli | - | |
CVE-2024-43590Visual C++ Redistributable Installer Elevation of Privilege Vulnerability | CVSS 7.8 | visual_c | - | |
CVE-2024-43589Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-43587Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVSS 5.9 | edge | - | |
CVE-2024-43585Code Integrity Guard Security Feature Bypass Vulnerability | CVSS 5.5 | windows | - | |
CVE-2024-43584Windows Scripting Engine Security Feature Bypass Vulnerability | CVSS 7.7 | windows | - | |
CVE-2024-43583Winlogon Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43582Remote Desktop Protocol Server Remote Code Execution Vulnerability | CVSS 8.1 | remote_desktop_protocol | - | |
CVE-2024-43581Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | CVSS 7.1 | windows | - | |
CVE-2024-43580Microsoft Edge (Chromium-based) Spoofing Vulnerability | CVSS 5.4 | edge | - | |
CVE-2024-43579Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVSS 7.6 | edge | - | |
CVE-2024-43578Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVSS 7.6 | edge | - | |
CVE-2024-43577Microsoft Edge (Chromium-based) Spoofing Vulnerability | CVSS 4.3 | edge | - | |
CVE-2024-43576Microsoft Office Remote Code Execution Vulnerability | CVSS 7.8 | 365_apps | - | |
CVE-2024-43575Windows Hyper-V Denial of Service Vulnerability | CVSS 7.5 | windows_server | - | |
CVE-2024-43574Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | CVSS 8.3 | remote | - | |
CVE-2024-43573Windows MSHTML Platform Spoofing Vulnerability | CVSS 6.5 | windows | Oct 8, 2024 | |
CVE-2024-43572Microsoft Management Console Remote Code Execution Vulnerability | CVSS 7.8 | remote | Oct 8, 2024 | |
CVE-2024-43571Sudo for Windows Spoofing Vulnerability | CVSS 5.6 | windows_11 | - | |
CVE-2024-43570Windows Kernel Elevation of Privilege Vulnerability | CVSS 6.4 | windows | - | |
CVE-2024-43567Windows Hyper-V Denial of Service Vulnerability | CVSS 7.5 | windows_server_2012 | - | |
CVE-2024-43566Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVSS 7.5 | edge | - | |
CVE-2024-43565Windows Network Address Translation (NAT) Denial of Service Vulnerability | CVSS 7.5 | windows | - | |
CVE-2024-43564Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-43563Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43562Windows Network Address Translation (NAT) Denial of Service Vulnerability | CVSS 7.5 | windows | - | |
CVE-2024-43561Windows Mobile Broadband Driver Denial of Service Vulnerability | CVSS 6.5 | windows_10_1809 | - | |
CVE-2024-43560Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43559Windows Mobile Broadband Driver Denial of Service Vulnerability | CVSS 6.5 | windows_10_1809 | - | |
CVE-2024-43558Windows Mobile Broadband Driver Denial of Service Vulnerability | CVSS 6.5 | windows_10_1809 | - | |
CVE-2024-43557Windows Mobile Broadband Driver Denial of Service Vulnerability | CVSS 6.5 | windows_10_1809 | - | |
CVE-2024-43556Windows Graphics Component Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43555Windows Mobile Broadband Driver Denial of Service Vulnerability | CVSS 6.5 | windows_10_1809 | - | |
CVE-2024-43554Windows Kernel-Mode Driver Information Disclosure Vulnerability | CVSS 5.5 | windows | - | |
CVE-2024-43553NT OS Kernel Elevation of Privilege Vulnerability | CVSS 7.4 | windows_10_1507 | - | |
CVE-2024-43552Windows Shell Remote Code Execution Vulnerability | CVSS 7.3 | windows | - | |
CVE-2024-43551Windows Storage Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43550Windows Secure Channel Spoofing Vulnerability | CVSS 7.4 | windows | - | |
CVE-2024-43549Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-43547Windows Kerberos Information Disclosure Vulnerability | CVSS 6.5 | windows | - | |
CVE-2024-43546Windows Cryptographic Information Disclosure Vulnerability | CVSS 5.6 | windows | - | |
CVE-2024-43545Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | CVSS 7.5 | windows | - | |
CVE-2024-43544Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability | CVSS 7.5 | scep | - | |
CVE-2024-43543Windows Mobile Broadband Driver Remote Code Execution Vulnerability | CVSS 6.8 | windows_10_1809 | - | |
CVE-2024-43542Windows Mobile Broadband Driver Denial of Service Vulnerability | CVSS 6.5 | windows_10_1809 | - | |
CVE-2024-43541Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability | CVSS 7.5 | scep | - | |
CVE-2024-43540Windows Mobile Broadband Driver Denial of Service Vulnerability | CVSS 6.5 | windows_10_1809 | - | |
CVE-2024-43538Windows Mobile Broadband Driver Denial of Service Vulnerability | CVSS 6.5 | windows_10_1809 | - | |
CVE-2024-43537Windows Mobile Broadband Driver Denial of Service Vulnerability | CVSS 6.5 | windows_10_1809 | - | |
CVE-2024-43536Windows Mobile Broadband Driver Remote Code Execution Vulnerability | CVSS 6.8 | windows_10_1809 | - | |
CVE-2024-43535Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | CVSS 7 | windows | - | |
CVE-2024-43534Windows Graphics Component Information Disclosure Vulnerability | CVSS 6.5 | windows | - | |
CVE-2024-43533Remote Desktop Client Remote Code Execution Vulnerability | CVSS 8.8 | windows_11_21h2 | - | |
CVE-2024-43532Remote Registry Service Elevation of Privilege Vulnerability | CVSS 8.8 | remote | Oct 22, 2024 | |
CVE-2024-43529Windows Print Spooler Elevation of Privilege Vulnerability | CVSS 7.3 | windows | - | |
CVE-2024-43528Windows Secure Kernel Mode Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43527Windows Kernel Elevation of Privilege Vulnerability | CVSS 7.8 | access | - | |
CVE-2024-43526Windows Mobile Broadband Driver Remote Code Execution Vulnerability | CVSS 6.8 | windows_10_1809 | - | |
CVE-2024-43525Windows Mobile Broadband Driver Remote Code Execution Vulnerability | CVSS 6.8 | windows_10_1809 | - | |
CVE-2024-43524Windows Mobile Broadband Driver Remote Code Execution Vulnerability | CVSS 6.8 | windows_10_1809 | - | |
CVE-2024-43523Windows Mobile Broadband Driver Remote Code Execution Vulnerability | CVSS 6.8 | windows_10_1809 | - | |
CVE-2024-43522Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | CVSS 7 | windows | - | |
CVE-2024-43521Windows Hyper-V Denial of Service Vulnerability | CVSS 7.5 | windows_server_2012 | - | |
CVE-2024-43520Windows Kernel Denial of Service Vulnerability | CVSS 5 | windows | - | |
CVE-2024-43519Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | CVSS 8.8 | windows_10_1507 | - | |
CVE-2024-43518Windows Telephony Server Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-43517Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | CVSS 8.8 | activex | - | |
CVE-2024-43516Windows Secure Kernel Mode Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43515Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability | CVSS 7.5 | iscsi | - | |
CVE-2024-43514Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43513BitLocker Security Feature Bypass Vulnerability | CVSS 6.4 | bitlocker | - | |
CVE-2024-43512Windows Standards-Based Storage Management Service Denial of Service Vulnerability | CVSS 6.5 | windows_server | - | |
CVE-2024-43511Windows Kernel Elevation of Privilege Vulnerability | CVSS 7 | windows | - | |
CVE-2024-43509Windows Graphics Component Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43508Windows Graphics Component Information Disclosure Vulnerability | CVSS 5.5 | windows_11_22h2 | - | |
CVE-2024-43506BranchCache Denial of Service Vulnerability | CVSS 7.5 | windows | - | |
CVE-2024-43505Microsoft Office Visio Remote Code Execution Vulnerability | CVSS 7.8 | 365_apps | - | |
CVE-2024-43504Microsoft Excel Remote Code Execution Vulnerability | CVSS 7.8 | 365_apps | - | |
CVE-2024-43503Microsoft SharePoint Elevation of Privilege Vulnerability | CVSS 7.8 | sharepoint_server | - | |
CVE-2024-43502Windows Kernel Elevation of Privilege Vulnerability | CVSS 7.1 | windows_10_1809 | - | |
CVE-2024-43501Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-43500Windows Resilient File System (ReFS) Information Disclosure Vulnerability | CVSS 5.5 | windows | - | |
CVE-2024-43497DeepSpeed Remote Code Execution Vulnerability | CVSS 8.4 | deepspeed | - | |
CVE-2024-43488<p>Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.</p>
| CVSS 8.8 | arduino | - | |
CVE-2024-43485Microsoft is releasing this security advisory to provide information about a vulnerability in System.Text.Json 6.0.x and 8.0.x. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. In System.Text.Json 6.0.x and 8.0.x, applications which deserialize input to a model with an [ExtensionData] property can be vulnerable to an algorithmic complexity attack resulting in Denial of Service. | CVSS 7.5 | .net | - | |
CVE-2024-43484Microsoft is releasing this security advisory to provide information about a vulnerability in System.IO.Packaging. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. The System.IO.Packaging library may allow untrusted inputs to influence algorithmically complex operations, leading to denial of service. | CVSS 7.5 | .net | - | |
CVE-2024-43483Microsoft is releasing this security advisory to provide information about a vulnerability in System.Security.Cryptography.Cose, System.IO.Packaging, System.Runtime.Caching. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. System.Security.Cryptography.Cose, System.IO.Packaging, System.Runtime.Caching may be exposed to a hostile input which may lead them to be susceptible to hash flooding attacks resulting in denial of service. | CVSS 7.5 | .net | - | |
CVE-2024-43481Power BI Report Server Spoofing Vulnerability | CVSS 6.5 | power_bi_report_server | - | |
CVE-2024-43480Azure Service Fabric for Linux Remote Code Execution Vulnerability | CVSS 6.6 | azure_service_fabric | - | |
CVE-2024-43468Microsoft Configuration Manager Remote Code Execution Vulnerability | CVSS 9.8 | remote | - | |
CVE-2024-43456Windows Remote Desktop Services Tampering Vulnerability | CVSS 4.8 | windows | - | |
CVE-2024-43453Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-38265Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-38262Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | CVSS 7.5 | windows | - | |
CVE-2024-38261Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 7.8 | windows | - | |
CVE-2024-38229Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in ASP.NET when closing an HTTP/3 stream while application code is writing to the response body, a race condition may lead to use-after-free. Note: HTTP/3 is experimental in .NET 6.0. If you are on .NET 6.0 and using HTTP/3, please upgrade to .NET 8.0.10. .NET 6.0 will not receive a security patch for this vulnerability. | CVSS 8.1 | .net | - | |
CVE-2024-38212Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVSS 8.8 | windows | - | |
CVE-2024-38204<p>Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a network.</p>
| CVSS 7.5 | azure_functions | - | |
CVE-2024-38190<p>Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector.</p>
| CVSS 8.6 | power_platform | - | |
CVE-2024-38179Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability | CVSS 8.8 | azure_stack | - | |
CVE-2024-38149BranchCache Denial of Service Vulnerability | CVSS 7.5 | windows | - | |
CVE-2024-38139<p>Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.</p>
| CVSS 8.7 | dataverse | - | |
CVE-2024-38129Windows Kerberos Elevation of Privilege Vulnerability | CVSS 7.5 | windows | - | |
CVE-2024-38124Windows Netlogon Elevation of Privilege Vulnerability | CVSS 9 | windows | - | |
CVE-2024-38097Azure Monitor Agent Elevation of Privilege Vulnerability | CVSS 7.1 | azure_monitor_agent | - | |
CVE-2024-38029Microsoft OpenSSH for Windows Remote Code Execution Vulnerability | CVSS 7.5 | windows | - | |
CVE-2024-37983Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | CVSS 6.7 | windows | - | |
CVE-2024-37982Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | CVSS 6.7 | windows | - | |
CVE-2024-37979Windows Kernel Elevation of Privilege Vulnerability | CVSS 6.7 | windows_server | - | |
CVE-2024-37976Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability | CVSS 6.7 | windows | - | |
CVE-2024-30092Windows Hyper-V Remote Code Execution Vulnerability | CVSS 8 | windows | - | |
CVE-2024-20659Windows Hyper-V Security Feature Bypass Vulnerability | CVSS 7.1 | windows | - |