) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Search Type: Search Last 3 Months
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-26168 |
Secure Boot Security Feature Bypass Vulnerability Published: April 09, 2024; 1:15:35 PM -0400 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0:(not available) |
| CVE-2024-26158 |
Microsoft Install Service Elevation of Privilege Vulnerability Published: April 09, 2024; 1:15:35 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-21447 |
Windows Authentication Elevation of Privilege Vulnerability Published: April 09, 2024; 1:15:35 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-21424 |
Azure Compute Gallery Elevation of Privilege Vulnerability Published: April 09, 2024; 1:15:35 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2024-21409 |
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability Published: April 09, 2024; 1:15:34 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
| CVE-2024-21324 |
Microsoft Defender for IoT Elevation of Privilege Vulnerability Published: April 09, 2024; 1:15:34 PM -0400 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available) |
| CVE-2024-21323 |
Microsoft Defender for IoT Remote Code Execution Vulnerability Published: April 09, 2024; 1:15:34 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2024-21322 |
Microsoft Defender for IoT Remote Code Execution Vulnerability Published: April 09, 2024; 1:15:34 PM -0400 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0:(not available) |
| CVE-2024-20693 |
Windows Kernel Elevation of Privilege Vulnerability Published: April 09, 2024; 1:15:33 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-20689 |
Secure Boot Security Feature Bypass Vulnerability Published: April 09, 2024; 1:15:33 PM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
| CVE-2024-20688 |
Secure Boot Security Feature Bypass Vulnerability Published: April 09, 2024; 1:15:33 PM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
| CVE-2024-20685 |
Azure Private 5G Core Denial of Service Vulnerability Published: April 09, 2024; 1:15:33 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-20678 |
Remote Procedure Call Runtime Remote Code Execution Vulnerability Published: April 09, 2024; 1:15:33 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2024-20670 |
Outlook for Windows Spoofing Vulnerability Published: April 09, 2024; 1:15:32 PM -0400 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0:(not available) |
| CVE-2024-20669 |
Secure Boot Security Feature Bypass Vulnerability Published: April 09, 2024; 1:15:32 PM -0400 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
| CVE-2024-20665 |
BitLocker Security Feature Bypass Vulnerability Published: April 09, 2024; 1:15:32 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
| CVE-2024-3281 |
A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in CCX devices. A flaw in the firmware build process did not properly restrict access to a resource from an unauthorized actor. Published: April 09, 2024; 12:15:08 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-31868 |
Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can modify helium.json and exposure XSS attacks to normal users. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue. Published: April 09, 2024; 12:15:08 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-31866 |
Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can execute shell scripts or malicious code by overriding configuration likeĀ ZEPPELIN_INTP_CLASSPATH_OVERRIDES. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue. Published: April 09, 2024; 12:15:08 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-31865 |
Improper Input Validation vulnerability in Apache Zeppelin. The attackers can call updating cron API with invalid or improper privileges so that the notebook can run with the privileges. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue. Published: April 09, 2024; 12:15:08 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |