Total
28515 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-38167 | 2 Microsoft, Redhat | 4 .net, Visual Studio, Visual Studio 2022 and 1 more | 2024-09-19 | 6.5 Medium |
.NET and Visual Studio Information Disclosure Vulnerability | ||||
CVE-2024-38161 | 1 Microsoft | 13 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 10 more | 2024-09-19 | 6.8 Medium |
Windows Mobile Broadband Driver Remote Code Execution Vulnerability | ||||
CVE-2024-38160 | 1 Microsoft | 2 Windows 10 1607, Windows Server 2016 | 2024-09-19 | 9.1 Critical |
Windows Network Virtualization Remote Code Execution Vulnerability | ||||
CVE-2024-38159 | 1 Microsoft | 2 Windows 10 1607, Windows Server 2016 | 2024-09-19 | 9.1 Critical |
Windows Network Virtualization Remote Code Execution Vulnerability | ||||
CVE-2024-38123 | 1 Microsoft | 2 Windows 11 24h2, Windows 11 24h2 | 2024-09-19 | 4.4 Medium |
Windows Bluetooth Driver Information Disclosure Vulnerability | ||||
CVE-2024-7553 | 2 Microsoft, Mongodb | 24 Windows 10 1507, Windows 10 1511, Windows 10 1607 and 21 more | 2024-09-19 | 7.3 High |
Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1. Required Configuration: Only environments with Windows as the underlying operating system is affected by this issue | ||||
CVE-2024-38222 | 1 Microsoft | 2 Edge, Edge Chromium | 2024-09-19 | 6.5 Medium |
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | ||||
CVE-2024-38194 | 1 Microsoft | 1 Azure Web Apps | 2024-09-19 | 8.4 High |
An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network. | ||||
CVE-2024-43495 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 3 more | 2024-09-19 | 7.3 High |
Windows libarchive Remote Code Execution Vulnerability | ||||
CVE-2024-43491 | 1 Microsoft | 1 Windows 10 1507 | 2024-09-19 | 9.8 Critical |
Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support. | ||||
CVE-2024-43487 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-09-19 | 6.5 Medium |
Windows Mark of the Web Security Feature Bypass Vulnerability | ||||
CVE-2024-43479 | 1 Microsoft | 2 Power Automate, Power Automate For Desktop | 2024-09-19 | 8.5 High |
Microsoft Power Automate Desktop Remote Code Execution Vulnerability | ||||
CVE-2024-43475 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2008 Sp2 | 2024-09-19 | 7.3 High |
Microsoft Windows Admin Center Information Disclosure Vulnerability | ||||
CVE-2024-43470 | 1 Microsoft | 2 Azure Network Watcher Agent, Azure Network Watcher Agent For Windows | 2024-09-19 | 7.3 High |
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | ||||
CVE-2024-43466 | 1 Microsoft | 1 Sharepoint Server | 2024-09-19 | 6.5 Medium |
Microsoft SharePoint Server Denial of Service Vulnerability | ||||
CVE-2024-43457 | 1 Microsoft | 2 Windows 11 24h2, Windows 11 24h2 | 2024-09-19 | 7.8 High |
Windows Setup and Deployment Elevation of Privilege Vulnerability | ||||
CVE-2024-43455 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more | 2024-09-19 | 8.8 High |
Windows Remote Desktop Licensing Service Spoofing Vulnerability | ||||
CVE-2024-43454 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more | 2024-09-19 | 7.1 High |
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | ||||
CVE-2024-38119 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-09-19 | 7.5 High |
Windows Network Address Translation (NAT) Remote Code Execution Vulnerability | ||||
CVE-2024-38045 | 1 Microsoft | 17 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 14 more | 2024-09-19 | 8.1 High |
Windows TCP/IP Remote Code Execution Vulnerability |