473 matches found
CVE-2024-43645
Windows Defender Application Control WDAC Security Feature Bypass Vulnerability...
CVE-2024-43645
Windows Defender Application Control WDAC Security Feature Bypass Vulnerability...
CVE-2024-43645
CVE-2024-43645 is a Windows Defender Application Control (WDAC) security feature bypass described in connected advisories. The vulnerability permits bypassing WDAC protections via a local attacker, with high potential impact to confidentiality, integrity, and availability. Microsoft has published...
CVE-2024-43645 Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability
...
Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability
...
PT-2024-8159 · Microsoft · Windows Defender Application Control +1
Name of the Vulnerable Software and Affected Versions: Windows Defender Application Control WDAC affected versions not specified Description: The issue is related to a security feature bypass in Windows Defender Application Control WDAC that affects the data protection mechanism. This could allow...
Microsoft Windows Defender Application Control 安全漏洞
Microsoft Windows Defender Application Control WDAC is a security tool from Microsoft Corporation USA that restricts the operation of programs at the software level by configuring policies to reduce the scope of what hackers can attack. A security vulnerability exists in Microsoft Windows Defende...
PT-2024-6973 · Microsoft · Wdac Ole Db Provider For Sql Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue is related to errors in numerical truncation in the Microsoft WDAC OLE DB provider for SQL Server. It allows remote attackers to execute...
GHSA-PXG6-PF52-XH8X cookie accepts cookie name, path, and domain with out of bounds characters
Impact The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. For example, serialize"userName=alert'XSS3'; Max-Age=2592000; a", value would result in "userName=alert'XSS3'; Max-Age=2592000; a=test", setting userName cookie to and ignoring value. ...
August 13, 2024—KB5041573 (OS Build 25398.1085)
August 13, 2024—KB5041573 OS Build 25398.1085 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...
June 28, 2024—KB5039304 (OS Build 26100.1000) Preview
June 28, 2024—KB5039304 OS Build 26100.1000 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types.Note Follow @WindowsUpdate to find out when new content is published to the Windows release health dashboar...
The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the WDAC OLE DB driver for SQL Server Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
CVE-2024-31226
Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...
CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow
Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...
CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow
Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...
CVE-2024-31226
Sunshine (Moonlight’s self-hosted game stream host) for Windows is affected in versions 0.17.0–0.22.2 when running as a service. An attacker could place a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the target machine and trigger hijacked execution flow during service terminat...
CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow
Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...
The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system is related to buffer overflow in the queue. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system is related to buffer overflow in the queue. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2024-26244
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...