Internet Explorer, Microsoft Edge Security Vulnerabilities

K000139618 : MySQL vulnerabilities CVE-2024-21054, CVE-2024-21009, CVE-2024-20993, and CVE-2024-21102

Security Advisory Description CVE-2024-21054 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network...

K000139617 : MySQL vulnerabilities CVE-2024-21049, CVE-2024-21060, CVE-2024-21061, and CVE-2024-21069

Security Advisory Description CVE-2024-21049 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...

K000139594 : libxml2 vulnerability CVE-2022-40304

Security Advisory Description An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. (CVE-2022-40304). Impact This vulnerability allows a...

K000139615 : Node.js vulnerability CVE-2024-27982

Security Advisory Description The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly,...

K000139616 : MySQL vulnerability CVE-2024-21051

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their...

Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their...

Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability

Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications to....

Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability

Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications to....

Patch Tuesday, May 2024 Edition

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users,...

Microsoft and Adobe Patch Tuesday, May 2024 Security Update Review

Microsoft has released its May edition of Patch Tuesday. Let's take a deep dive into the crucial insights from Microsoft's Patch Tuesday updates for May 2024. Microsoft Patch Tuesday for May 2024 Microsoft Patch Tuesday's May 2024 edition addressed 67 vulnerabilities, including one critical and 59....

Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability

Microsoft Power BI Client JavaScript SDK Information Disclosure...

Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability

Microsoft Power BI Client JavaScript SDK Information Disclosure...

Only one critical vulnerability included in May’s Microsoft Patch Tuesday; One other zero-day in DWN Core

After a relatively hefty Microsoft Patch Tuesday in April, this month's security update from the company only included one critical vulnerability across its massive suite of products and services. In all, May's slate of vulnerabilities disclosed by Microsoft included 59 total CVEs, most of which...

CVE-2024-30059

Microsoft Intune for Android Mobile Application Management Tampering...

CVE-2024-30053

Azure Migrate Cross-Site Scripting...

CVE-2024-30054

Microsoft Power BI Client JavaScript SDK Information Disclosure...

CVE-2024-30050

Windows Mark of the Web Security Feature Bypass...

CVE-2024-30051

Windows DWM Core Library Elevation of Privilege...

CVE-2024-30049

Windows Win32 Kernel Subsystem Elevation of Privilege...

CVE-2024-30048

Dynamics 365 Customer Insights Spoofing...

CVE-2024-30047

Dynamics 365 Customer Insights Spoofing...

CVE-2024-30046

Visual Studio Denial of Service...

CVE-2024-30045

.NET and Visual Studio Remote Code Execution...

CVE-2024-30044

Microsoft SharePoint Server Remote Code Execution...

CVE-2024-30043

Microsoft SharePoint Server Information Disclosure...

CVE-2024-30042

Microsoft Excel Remote Code Execution...

CVE-2024-30041

Microsoft Bing Search Spoofing...

CVE-2024-30040

Windows MSHTML Platform Security Feature Bypass...

CVE-2024-30039

Windows Remote Access Connection Manager Information Disclosure...

CVE-2024-30038

Win32k Elevation of Privilege...

CVE-2024-30037

Windows Common Log File System Driver Elevation of Privilege...

CVE-2024-30036

Windows Deployment Services Information Disclosure...

CVE-2024-30035

Windows DWM Core Library Elevation of Privilege...

CVE-2024-30034

Windows Cloud Files Mini Filter Driver Information Disclosure...

CVE-2024-30033

Windows Search Service Elevation of Privilege...

CVE-2024-30032

Windows DWM Core Library Elevation of Privilege...

CVE-2024-30031

Windows CNG Key Isolation Service Elevation of Privilege...

CVE-2024-30030

Win32k Elevation of Privilege...

CVE-2024-30029

Windows Routing and Remote Access Service (RRAS) Remote Code Execution...

CVE-2024-30028

Win32k Elevation of Privilege...

CVE-2024-30027

NTFS Elevation of Privilege...

CVE-2024-30025

Windows Common Log File System Driver Elevation of Privilege...

CVE-2024-30024

Windows Routing and Remote Access Service (RRAS) Remote Code Execution...

CVE-2024-30023

Windows Routing and Remote Access Service (RRAS) Remote Code Execution...

CVE-2024-30022

Windows Routing and Remote Access Service (RRAS) Remote Code Execution...

CVE-2024-30021

Windows Mobile Broadband Driver Remote Code Execution...

CVE-2024-30020

Windows Cryptographic Services Remote Code Execution...

CVE-2024-30019

DHCP Server Service Denial of Service...

CVE-2024-30018

Windows Kernel Elevation of Privilege...