Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Windows
- Search Type: Search All
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-20430 |
A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges. This vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges. Published: September 12, 2024; 4:15:04 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-6510 |
Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking. Published: September 12, 2024; 11:18:26 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-7890 |
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows Published: September 11, 2024; 7:15:10 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-7889 |
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows Published: September 11, 2024; 7:15:10 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-8690 |
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity. Published: September 11, 2024; 1:15:14 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-5760 |
The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018. Published: September 11, 2024; 12:15:08 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2024-43495 |
Windows libarchive Remote Code Execution Vulnerability Published: September 10, 2024; 1:15:36 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
CVE-2024-43491 |
Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support. Published: September 10, 2024; 1:15:36 PM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2024-43487 |
Windows Mark of the Web Security Feature Bypass Vulnerability Published: September 10, 2024; 1:15:36 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2024-43475 |
Microsoft Windows Admin Center Information Disclosure Vulnerability Published: September 10, 2024; 1:15:35 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
CVE-2024-43467 |
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Published: September 10, 2024; 1:15:34 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2024-43461 |
Windows MSHTML Platform Spoofing Vulnerability Published: September 10, 2024; 1:15:33 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2024-43458 |
Windows Networking Information Disclosure Vulnerability Published: September 10, 2024; 1:15:33 PM -0400 |
V4.0:(not available) V3.1: 7.7 HIGH V2.0:(not available) |
CVE-2024-43457 |
Windows Setup and Deployment Elevation of Privilege Vulnerability Published: September 10, 2024; 1:15:33 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2024-43455 |
Windows Remote Desktop Licensing Service Spoofing Vulnerability Published: September 10, 2024; 1:15:32 PM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2024-43454 |
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Published: September 10, 2024; 1:15:32 PM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2024-38263 |
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Published: September 10, 2024; 1:15:32 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2024-38260 |
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Published: September 10, 2024; 1:15:32 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2024-38258 |
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability Published: September 10, 2024; 1:15:31 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2024-38256 |
Windows Kernel-Mode Driver Information Disclosure Vulnerability Published: September 10, 2024; 1:15:31 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |