Skip to main content
CVE-2024-43457 HIGH PATCH This Week

Windows Setup and Deployment Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 11 24h2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-38253 HIGH PATCH This Week

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 11 21H2 +4
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-38252 HIGH PATCH This Week

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-38249 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 1507 +14
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-38247 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38245 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +11
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-38244 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.8
EPSS
5.9%
CVE-2024-38243 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-38242 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2024-38241 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.8
EPSS
5.8%
CVE-2024-38238 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-38237 HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2024-38046 HIGH PATCH This Week

PowerShell Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 21H1 +9
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38014 HIGH KEV PATCH THREAT This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
6.0%
CVE-2024-30073 HIGH PATCH This Week

Windows Security Zone Mapping Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-31960 HIGH This Week

An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Samsung Memory Corruption Exynos 1480 Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-43458 HIGH PATCH This Week

Windows Networking Information Disclosure Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1607 Windows Server 2016
NVD
CVSS 3.1
7.7
EPSS
1.8%
CVE-2024-42427 HIGH This Week

Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Dell Wyse Thinos
NVD
CVSS 3.1
7.6
EPSS
1.1%
CVE-2024-43474 HIGH This Week

Microsoft SQL Server Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Sql Server 2017 Sql Server 2019
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2024-43467 HIGH PATCH This Week

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

RCE Race Condition Microsoft Windows Server 2008 Windows Server 2012 +4
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2024-43466 HIGH PATCH This Week

Microsoft SharePoint Server Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Denial Of Service Microsoft Sharepoint Server
NVD
CVSS 3.1
7.5
EPSS
4.5%
CVE-2024-38263 HIGH PATCH This Week

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +3
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2024-38258 HIGH PATCH This Week

Windows Remote Desktop Licensing Service Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +3
NVD
CVSS 3.1
7.5
EPSS
4.7%
CVE-2024-38257 HIGH PATCH This Week

Microsoft AllJoyn API Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21H1 +8
NVD
CVSS 3.1
7.5
EPSS
4.5%
CVE-2024-38236 HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Server 2019 +2
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2024-38233 HIGH PATCH This Week

Windows Networking Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft Windows 10 1607 Windows Server 2016
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2024-38232 HIGH PATCH This Week

Windows Networking Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft Windows 10 1607 Windows Server 2016
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2024-38231 HIGH PATCH This Week

Windows Remote Desktop Licensing Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Denial Of Service Microsoft Windows Server 2008 Windows Server 2012 +4
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2024-38230 HIGH PATCH This Week

Windows Standards-Based Storage Management Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2024-38119 HIGH PATCH This Week

Windows Network Address Translation (NAT) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Microsoft RCE Memory Corruption Windows 10 1507 +12
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-45590 HIGH PATCH This Week

body-parser is Node.js body parsing middleware. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Denial Of Service Body Parser
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-6979 HIGH This Week

Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer accounts having more privileges than designed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Axis Os 2024
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-43495 HIGH PATCH This Week

Windows libarchive Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Microsoft Windows 11 22h2 Windows 11 23h2 +1
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2024-43475 HIGH PATCH This Week

Microsoft Windows Admin Center Information Disclosure Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Information Disclosure Microsoft Windows Server 2008
NVD
CVSS 3.1
7.3
EPSS
1.7%
CVE-2024-43470 HIGH PATCH This Week

Azure Network Watcher VM Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Microsoft Azure Network Watcher Agent
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2024-38226 HIGH KEV PATCH THREAT This Week

Microsoft Publisher Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Office 2019 Office Long Term Servicing Channel Publisher
NVD
CVSS 3.1
7.3
EPSS
2.7%
CVE-2024-33508 HIGH This Week

An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Fortinet Command Injection Forticlient Enterprise Management Server
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2024-41170 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0015), Tecnomatix Plant Simulation V2404 (All versions < V2404.0004). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-8478 HIGH PATCH This Week

The The Affiliate Super Assistent plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.5.3. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection WordPress RCE Affiliate Super Assistent
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2024-8190 HIGH KEV EUVD KEV THREAT This Week

An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ivanti Cloud Services Appliance
NVD
CVSS 3.1
7.2
EPSS
89.0%
CVE-2024-43464 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
35.9%
CVE-2024-38239 HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +12
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2024-38228 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
4.2%
CVE-2024-38227 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Microsoft Sharepoint Server
NVD
CVSS 3.1
7.2
EPSS
8.2%
CVE-2024-43454 HIGH PATCH This Week

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +3
NVD
CVSS 3.1
7.1
EPSS
21.0%
CVE-2024-38188 HIGH PATCH This Week

Azure Network Watcher VM Agent Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Microsoft Azure Network Watcher Agent
NVD
CVSS 3.1
7.1
EPSS
0.6%
CVE-2024-37966 HIGH This Week

Microsoft SQL Server Native Scoring Information Disclosure Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Sql Server 2017 Sql Server 2019 +1
NVD
CVSS 3.1
7.1
EPSS
2.2%
CVE-2024-42423 HIGH This Week

Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Dell Information Disclosure Citrix Workspace
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-38248 HIGH PATCH This Week

Windows Storage Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Microsoft Memory Corruption Windows 10 21h2 +7
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2024-38246 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Buffer Overflow Stack Overflow Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +5
NVD
CVSS 3.1
7.0
EPSS
0.6%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy