Microsoft Vulnerabilities
| CVE ID | CVSS | Exploit | Patch | Trends |
|---|---|---|---|---|
CVE-2024-8405An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can be used to flood disk space and result in a Denial of Service (DoS) attack.
Note:
This CVE has been split from CVE-2024-4712. | CVSS 5.5 | - | Patched |  |
CVE-2024-8073Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection.This issue affects Hillstone Networks Web Application Firewall: from 5.5R6-2.6.7 through 5.5R6-2.8.13. | CVSS 9.8 | - | Patched |  |
CVE-2024-8001A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an unknown function of the component Print Handler. The manipulation leads to missing authorization. It is possible to launch the attack remotely. A user with the role learner can use the administrative print function with an active session before and after an exam slot to access the entire exam including solutions in the web application. It is recommended to apply a patch to fix this issue. | CVSS 4.3 | - | - |  |
CVE-2024-7965Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | CVSS 8.8 | Exploit | Patched |  |
CVE-2024-7415The Remember Me Controls plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin allowing direct access to the bootstrap.php file which has display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | CVSS 5.3 | - | Patched |  |
CVE-2024-7038An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existence and configuration of the file. This behavior allows an attacker to enumerate file names and traverse directories by observing the error messages, leading to potential exposure of sensitive information. | CVSS 2.7 | Exploit | Patched |  |
CVE-2024-6769A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. | CVSS 6.7 | - | - |  |
CVE-2024-6768A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. | CVSS Low | Exploit | - |  |
CVE-2024-6574The Laposta plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.12. This is due to the plugin not preventing direct access to several test files. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. This plugin is no longer being maintained and has been closed for downloads. | CVSS 5.3 | - | - |  |
CVE-2024-6570The Glossary plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.26. This is due the plugin utilizing wpdesk and not preventing direct access to the test files along with display_errors being enabled. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | CVSS 5.3 | - | - |  |
CVE-2024-6566The Aramex Shipping WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.1.21. This is due the plugin not preventing direct access to the composer-setup.php file which also has display_errors enabled. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | CVSS 5.3 | - | - |  |
CVE-2024-6565The AForms — Form Builder for Price Calculator & Cost Estimation plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.6. This is due to the plugin utilizing the aura library and allowing direct access to the phpunit test files. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | CVSS 5.3 | - | - |  |
CVE-2024-6546The One Click Close Comments plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.7.1. This is due to the plugin utilizing bootstrap and leaving test files with display_errors on. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. | CVSS 5.3 | - | - |  |
CVE-2024-5742A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. | CVSS 6.7 | - | Patched |  |
CVE-2024-5565The Vanna library uses a prompt function to present the user with visualized results, it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically - allowing external input to the library’s “ask” method with "visualize" set to True (default behavior) leads to remote code execution. | CVSS 8.1 | - | - |  |
CVE-2024-5499Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | CVSS 8.8 | - | Patched |  |
CVE-2024-5498Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | CVSS 5.4 | - | Patched |  |
CVE-2024-5497Out of bounds memory access in Keyboard Inputs in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | CVSS 7.5 | - | Patched |  |
CVE-2024-5496Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | CVSS 7.5 | - | Patched |  |
CVE-2024-5495Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | CVSS 7.5 | - | Patched |  |
CVE-2024-5494Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | CVSS 7.5 | - | Patched |  |
CVE-2024-5493Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | CVSS 7.5 | - | Patched |  |
CVE-2024-51692Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Askew Brook Bing Search API Integration allows Reflected XSS.This issue affects Bing Search API Integration: from n/a through 0.3.3. | CVSS 7.1 | - | - |  |
CVE-2024-5160[Severity: High]
Heap buffer overflow in Dawn. Reported by wgslfuzz on 2024-05-01
Google Chrome update, version 125.0.6422.76 fixes the following vulnerabilities. | CVSS 8.8 | - | Patched |  |
CVE-2024-5159[Severity: High]
Heap buffer overflow in ANGLE. Reported by David Sievers (@loknop) on 2024-04-18
Google Chrome update, version 125.0.6422.76 fixes the following vulnerabilities. | CVSS 8.8 | - | Patched |  |
CVE-2024-5158[Severity: High]
Type Confusion in V8. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-05-06
Google Chrome update, version 125.0.6422.76 fixes the following vulnerabilities. | CVSS 8.8 | - | Patched |  |
CVE-2024-5157[Severity: High]
Use after free in Scheduling. Reported by Looben Yang on 2024-04-21
Google Chrome update, version 125.0.6422.76 fixes the following vulnerabilities. | CVSS Low | - | Patched |  |
CVE-2024-4950Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | CVSS 5.3 | - | Patched |  |
CVE-2024-4949Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | CVSS 9.6 | - | Patched |  |
CVE-2024-4948Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | CVSS 8.8 | - | Patched |  |
CVE-2024-49397The affected product is vulnerable to a cross-site scripting attack which may allow an attacker to bypass authentication and takeover admin accounts. | CVSS Low | - | - |  |
CVE-2024-49378smartUp, a web browser mouse gestures extension, has a universal cross-site scripting issue in the Edge and Firefox versions of smartUp 7.2.622.1170. The vulnerability allows another extension to execute arbitrary code in the context of the user’s tab. As of time of publication, no known patches exist. | CVSS 6.1 | - | - |  |
CVE-2024-49060Azure Stack HCI Elevation of Privilege Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49056Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network.
| CVSS 7.3 | - | Patched |  |
CVE-2024-49051Microsoft PC Manager Elevation of Privilege Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49050Visual Studio Code Python Extension Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49049Visual Studio Code Remote Extension Elevation of Privilege Vulnerability | CVSS 7.1 | - | Patched |  |
CVE-2024-49048TorchGeo Remote Code Execution Vulnerability | CVSS 8.1 | - | Patched |  |
CVE-2024-49046Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49044Visual Studio Elevation of Privilege Vulnerability | CVSS 6.7 | - | Patched |  |
CVE-2024-49043Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49042Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability | CVSS 7.2 | - | Patched |  |
CVE-2024-49040Microsoft Exchange Server Spoofing Vulnerability | CVSS 7.5 | - | Patched |  |
CVE-2024-49039Windows Task Scheduler Elevation of Privilege Vulnerability | CVSS 8.8 | Exploit | Patched |  |
CVE-2024-49033Microsoft Word Security Feature Bypass Vulnerability | CVSS 7.5 | - | Patched |  |
CVE-2024-49032Microsoft Office Graphics Remote Code Execution Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49031Microsoft Office Graphics Remote Code Execution Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49030Microsoft Excel Remote Code Execution Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49029Microsoft Excel Remote Code Execution Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49028Microsoft Excel Remote Code Execution Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49027Microsoft Excel Remote Code Execution Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49026Microsoft Excel Remote Code Execution Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49025Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | CVSS 5.4 | - | Patched |  |
CVE-2024-49023Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVSS 5.9 | - | Patched |  |
CVE-2024-49021Microsoft SQL Server Remote Code Execution Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49019Active Directory Certificate Services Elevation of Privilege Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-49018SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49017SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49016SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49015SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49014SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49013SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49012SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49011SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49010SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49009SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49008SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49007SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49006SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49005SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49004SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49003SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49002SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49001SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-49000SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-48999SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-48998SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-48997SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-48996SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-48995SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-48994SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-48993SQL Server Native Client Remote Code Execution Vulnerability | CVSS 8.8 | - | Patched |  |
CVE-2024-4877The CVE description is not yet available but Feedly AI found some discussions about it | CVSS HIGH | - | - |  |
CVE-2024-48746An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute arbitrary code via the Natural language processing component | CVSS 9.8 | - | - |  |
CVE-2024-47764cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to 0.7.0, which updates the validation for name, path, and domain. | CVSS Low | - | Patched |  |
CVE-2024-47604NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser. | CVSS 6.1 | - | Patched |  |
CVE-2024-47083Power Platform Terraform Provider allows managing environments and other resources within Power Platform. Versions prior to 3.0.0 have an issue in the Power Platform Terraform Provider where sensitive information, specifically the `client_secret` used in the service principal authentication, may be exposed in logs. This exposure occurs due to an error in the logging code that causes the `client_secret` to not be properly masked when logs are persisted or viewed. Users should upgrade to version 3.0.0 to receive a patched version of the provider that removes all logging of sensitive content. Users who have used this provider with the affected versions should take the following additional steps to mitigate the risk: Immediately rotate the `client_secret` for any service principal that has been configured using this Terraform provider. This will invalidate any potentially exposed secrets. Those who have set the `TF_LOG_PATH` environment variable or configured Terraform to persist logs to a file or an external system, consider disabling this until they have updated to a fixed version of the provider. Those who have existing logs that may contain the `client_secret` should remove or sanitize these logs to prevent unauthorized access. This includes logs on disk, in monitoring systems, or in logging services. | CVSS 7.5 | - | - |  |
CVE-2024-45383A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local denial-of-service. An attacker can execute malicious script/application to trigger this vulnerability. | CVSS 5 | Exploit | - |  |
CVE-2024-44623An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function. | CVSS 9.8 | Exploit | - |  |
CVE-2024-43646Windows Secure Kernel Mode Elevation of Privilege Vulnerability | CVSS 6.7 | - | Patched |  |
CVE-2024-43645Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability | CVSS 6.7 | - | Patched |  |
CVE-2024-43644Windows Client-Side Caching Elevation of Privilege Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-43643Windows USB Video Class System Driver Elevation of Privilege Vulnerability | CVSS 6.8 | - | Patched |  |
CVE-2024-43642Windows SMB Denial of Service Vulnerability | CVSS 7.5 | - | Patched |  |
CVE-2024-43641Windows Registry Elevation of Privilege Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-43640Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | CVSS 7.8 | - | Patched |  |
CVE-2024-43639Windows Kerberos Remote Code Execution Vulnerability | CVSS 9.8 | - | Patched |  |
CVE-2024-43638Windows USB Video Class System Driver Elevation of Privilege Vulnerability | CVSS 6.8 | - | Patched |  |
CVE-2024-43637Windows USB Video Class System Driver Elevation of Privilege Vulnerability | CVSS 6.8 | - | Patched |  |
CVE-2024-43636Win32k Elevation of Privilege Vulnerability | CVSS 7.8 | - | Patched |  |