CVE-2024-11693

The executable file warning was not presented when downloading .library-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

Mozilla Thunderbird < 133.0

The version of Thunderbird installed on the remote Windows host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-67 advisory. - A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Under specific...

The vulnerability of the Task Scheduler in Windows operating systems allows a malicious individual to escalate their privileges.

The vulnerability of the Task Scheduler in Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to increase their privileges, provided that a specially crafted application is executed. Additionally, updates from...

The vulnerability of the Secure Kernel Mode mode in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the Secure Kernel Mode mode in Windows operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Winlogon entry program in Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Winlogon entry program in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization technology for Windows operating systems is related to improper checking of the return value of a function. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

The vulnerability of the Network Address Translation (NAT) technology in Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Network Address Translation NAT technology in Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

PT-2024-6719 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Remote Desktop Client versions prior to 1.2.5709 Description: The issue is related to a use-after-free vulnerability in the Remote Desktop Protocol RDP Client of Windows operating systems. This vulnerability can be exploited by a remote...

The vulnerability of the Power Automate for Desktop automation platform on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Power Automate for Desktop automation platform for Windows operating systems is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of Windows operating systems, related to the use of an insecure search path, allows attackers to escalate their privileges.

The vulnerability of Windows operating systems is related to the use of an insecure search path. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems allows attackers to perform spoofing attacks.

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Windows Installer component on Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Windows Installer component in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to manipulating an unknown input, resulting in a time mismatch vulnerability. Exploiting this vulnerability allows a remote attacker to increase their privileges...

The vulnerability of the Kernel Streaming WOW Thunk Service Driver (Drivers\ksthunk.sys) on Windows operating systems, which allows a hacker to escalate their privileges.

The vulnerability of the Kernel Streaming WOW Thunk Service Driver Drivers\ksthunk.sys on Windows operating systems is related to numerical truncation errors. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Network Address Translation (NAT) technology implementation in Windows operating systems allows a hacker to induce a service failure.

The vulnerability of the Network Address Translation NAT technology in Windows operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions from a remote location...

The vulnerability of the Routing and Remote Access Service (RRAS) on Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Routing and Remote Access Service RRAS on Windows operating systems is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

ROS-20240814-05

A vulnerability in the "Save As" function of Mozilla Firefox, Firefox ESR and Thunderbird email client on Windows operating systems is related to insufficient input data validation. Thunderbird email client of Windows operating systems is related to insufficient input data validation. Exploitatio...

The vulnerability of the Kernel Streaming WOW Thunk Service Driver (Drivers\ksthunk.sys) on Windows operating systems, which allows a hacker to escalate their privileges.

The vulnerability of the Kernel Streaming WOW Thunk Service Driver Drivers\ksthunk.sys on Windows operating systems is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...