The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the MHTML export function in the Spreadsheet module of the WPS Office office software for Windows operating systems allows a malicious individual to perform arbitrary commands.

The vulnerability of the MHTML export function in the Spreadsheet module of the WPS Office office software on Windows operating systems is related to the loading of malicious DLL libraries due to an incorrect limitation on the path to the ksoqing directory. Exploiting this vulnerability allows a...

The vulnerability of the Mobile Broadband Driver for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Mobile Broadband Driver for Windows operating systems is related to buffer overflow in the “heap”. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Microsoft Hyper-V 资源管理错误漏洞

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A resource management error vulnerability exists in Microsoft Hyper-V. An attacker could exploit this vulnerability to cause a denial of service o...

Microsoft Windows 输入验证错误漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. An input validation error vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to cause a denial of service. The following products and versions are...

PT-2024-6282 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows Network Address Translation NAT affected versions not specified Description: The issue is related to a use-after-free vulnerability in the implementation of Network Address Translation NAT technology in Windows operating systems. This...

VulnCheck KEV: CVE-2024-38217

Microsoft Windows Mark of the Web MOTW contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW...

PT-2024-6305 · Microsoft · Sql Server

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to insufficient input validation in the OLE DB driver for SQL Server on Windows operating systems. This can be exploited by a remote attacker to disclose...

PT-2024-6247 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions prior to Server 2022 23H2 Description: The issue is related to a buffer overflow in the TCP/IP protocol implementation in Windows operating systems. This can be exploited by a remote attacker to execute arbitrary code,...

The vulnerability of the `std::process::Command` function in the `File Extension` component of the Rust programming language operating system for Windows, allowing a malicious actor to execute arbitrary code.

The vulnerability of the std::process::Command function in the File Extension component of the Rust programming language operating system for Windows is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to execute arbitrary code by...

Windows 11 VDA seamless app launches with fullscreen black border behind logon window

The customer uses windows 11 VDAs to provide access to a published application which has desktop operating system requirement. The initial launch of the published application showed the seamless application launch with a full screen black border behind the logon window. This is disruptive to user...

The vulnerability of the Windows operating system’s Network Address Translation (NAT) technology allows a hacker to induce a service failure.

The vulnerability of the Windows operating system’s Network Address Translation NAT technology is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the NTFS file system in Windows operating systems allows attackers to increase their privileges.

The vulnerability of the NTFS file system in Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

Vulnerability of the Layer-2 Bridge Network Driver for Windows operating systems, allowing a hacker to cause service failure.

The vulnerability of the Layer-2 Bridge Network Driver for Windows operating systems is related to pointer dereferencing errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

The vulnerability of the Local Security Authority (LSA) service, which is responsible for verifying identities and managing user policies in Windows operating systems, allows attackers to disclose sensitive information that should be protected.

The vulnerability of the Local Security Authority LSA service, which is responsible for verifying identities and managing user policies on Microsoft Windows operating systems, is related to the use of an uninitialized resource. Exploiting this vulnerability could allow an attacker to disclose...

The vulnerability of the Bluetooth driver for Windows operating systems, which allows a hacker to disclose protected information

The vulnerability of Bluetooth driver for Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security measures...

The vulnerability in the built-in Microsoft Edge browser of Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the built-in Microsoft Edge browser on Microsoft Windows operating systems is related to data type mixing errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, provided that the user accesses a specially crafted URL...

CVE-2024-38132

Windows Network Address Translation NAT Denial of Service Vulnerability...

PT-2024-5648 · Microsoft · Windows Dwm Core Library +1

Name of the Vulnerable Software and Affected Versions: Windows DWM Core Library affected versions not specified Description: The issue is related to the use of memory after it has been freed, which can be exploited to elevate privileges. This can allow an attacker to affect the system...

Microsoft Windows 输入验证错误漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. An input validation error vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to gain elevated privileges. The following products and editions are...