Lucene search
K

473 matches found

OSV
OSV
added 2024/11/12 6:15 p.m.2 views

CVE-2024-43645

Windows Defender Application Control WDAC Security Feature Bypass Vulnerability...

7.8CVSS5.8AI score0.00537EPSS
Exploits0References1
NVD
NVD
added 2024/11/12 6:15 p.m.19 views

CVE-2024-43645

Windows Defender Application Control WDAC Security Feature Bypass Vulnerability...

7.8CVSS0.00537EPSS
Exploits0References1
CVE
CVE
added 2024/11/12 5:53 p.m.94 views

CVE-2024-43645

CVE-2024-43645 is a Windows Defender Application Control (WDAC) security feature bypass described in connected advisories. The vulnerability permits bypassing WDAC protections via a local attacker, with high potential impact to confidentiality, integrity, and availability. Microsoft has published...

7.8CVSS6.7AI score0.00537EPSS
Exploits0References1Affected Software5
Vulnrichment
Vulnrichment
added 2024/11/12 5:53 p.m.14 views

CVE-2024-43645 Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability

...

6.7CVSS7AI score0.00537EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2024/11/12 8:0 a.m.28 views

Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability

...

7.8CVSS7.1AI score0.00537EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.5 views

PT-2024-8159 · Microsoft · Windows Defender Application Control +1

Name of the Vulnerable Software and Affected Versions: Windows Defender Application Control WDAC affected versions not specified Description: The issue is related to a security feature bypass in Windows Defender Application Control WDAC that affects the data protection mechanism. This could allow...

7.8CVSS6.5AI score0.00537EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.7 views

Microsoft Windows Defender Application Control 安全漏洞

Microsoft Windows Defender Application Control WDAC is a security tool from Microsoft Corporation USA that restricts the operation of programs at the software level by configuring policies to reduce the scope of what hackers can attack. A security vulnerability exists in Microsoft Windows Defende...

7.8CVSS6.2AI score0.00537EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.6 views

PT-2024-6973 · Microsoft · Wdac Ole Db Provider For Sql Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue is related to errors in numerical truncation in the Microsoft WDAC OLE DB provider for SQL Server. It allows remote attackers to execute...

10CVSS7.9AI score0.0138EPSS
Exploits0References8
OSV
OSV
added 2024/10/04 8:31 p.m.17 views

GHSA-PXG6-PF52-XH8X cookie accepts cookie name, path, and domain with out of bounds characters

Impact The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. For example, serialize"userName=alert'XSS3'; Max-Age=2592000; a", value would result in "userName=alert'XSS3'; Max-Age=2592000; a=test", setting userName cookie to and ignoring value. ...

6.9CVSS5.8AI score0.00744EPSS
Exploits0References4
Microsoft KB
Microsoft KB
added 2024/08/13 7:0 a.m.89 views

August 13, 2024—KB5041573 (OS Build 25398.1085)

August 13, 2024—KB5041573 OS Build 25398.1085 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

9.8CVSS9AI score0.70564EPSS
Exploits28
Microsoft KB
Microsoft KB
added 2024/06/28 12:0 a.m.6 views

June 28, 2024—KB5039304 (OS Build 26100.1000) Preview

June 28, 2024—KB5039304 OS Build 26100.1000 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types.Note Follow @WindowsUpdate to find out when new content is published to the Windows release health dashboar...

6.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/06/04 12:0 a.m.6 views

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.01715EPSS
Exploits0References3
NVD
NVD
added 2024/05/16 7:15 p.m.59 views

CVE-2024-31226

Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...

4.9CVSS5.1AI score0.00217EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/16 6:12 p.m.17 views

CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow

Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...

4.9CVSS5.2AI score0.00217EPSS
Exploits0References3
OSV
OSV
added 2024/05/16 6:12 p.m.38 views

CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow

Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...

4.9CVSS6.8AI score0.00217EPSS
Exploits0References5
CVE
CVE
added 2024/05/16 6:12 p.m.63 views

CVE-2024-31226

Sunshine (Moonlight’s self-hosted game stream host) for Windows is affected in versions 0.17.0–0.22.2 when running as a service. An attacker could place a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the target machine and trigger hijacked execution flow during service terminat...

4.9CVSS5.2AI score0.00217EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/05/16 6:12 p.m.61 views

CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow

Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...

4.9CVSS5.4AI score0.00217EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/04/23 12:0 a.m.7 views

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system is related to buffer overflow in the queue. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.5AI score0.01962EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/04/23 12:0 a.m.8 views

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system is related to buffer overflow in the queue. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.5AI score0.02024EPSS
Exploits0References4
OSV
OSV
added 2024/04/09 5:15 p.m.5 views

CVE-2024-26244

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

8.8CVSS5.9AI score0.01962EPSS
Exploits0References1
Rows per page
Query Builder