PT-2024-1737 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the Windows Event Logging service and is caused by pointer dereference errors. It can be exploited by a remote attacker to cause a denial of service using a speciall...

The vulnerability of the Safari browser on the macOS operating system allows a hacker to replace the user interface.

The vulnerability of the Safari browser on the macOS operating system is related to information representation errors in the user interface. Exploiting this vulnerability allows a remote attacker to replace the user interface...

The vulnerability of the Emoji component in the macOS operating system allows a hacker to execute arbitrary code.

The vulnerability of the Emoji component in the macOS operating system is related to security configuration errors. Exploiting this vulnerability could allow a attacker to execute arbitrary code...

Important: webkitgtk4

Issue Overview: Impact: Visiting a website that frames malicious content may lead to UI spoofing. Description: The issue was addressed with improved UI handling. CVE-2022-32919 A website may be able to track the websites a user visited in Safari private browsing mode. CVE-2022-32933 A spoofing...

The vulnerability of the Remote Desktop Protocol (RDP) on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Remote Desktop Protocol RDP on Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Juniper Networks Junos OS Evolved routers of the ACX7024, ACX7100-32C, and ACX7100-48L series is related to pointer aliasing errors, which allows a attacker to cause a service failure.

The vulnerability of Juniper Networks Junos OS Evolved routers from the ACX7024, ACX7100-32C, and ACX7100-48L series is related to pointer swapping errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the Demon Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Demon Routing Protocol Daemon RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to memory release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the Object Flooding Protocol service in Juniper Networks’ Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Object Flooding Protocol OFP in Juniper Networks’ Junos OS Evolved operating systems is related to improper handling of syntactically incorrect structures. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted TCP...

Vulnerabilities of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio development tools, related to security configuration errors, allow attackers to circumvent existing security restrictions.

The vulnerabilities of Microsoft’s software platforms, such as the .NET Framework, .NET, and Microsoft Visual Studio, are related to security configuration errors. Exploiting these vulnerabilities can allow attackers to circumvent existing security restrictions remotely...

The vulnerability of Bluetooth drivers for Windows operating systems, which allows attackers to carry out spoofing attacks

The vulnerability of Bluetooth driver in Windows operating systems is related to information representation errors in the user interface. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

Input validation

In Progress MOVEit Transfer versions released before 2022.0.10 14.0.10, 2022.1.11 14.1.11, 2023.0.8 15.0.8, 2023.1.3 15.1.3, an input validation issue was discovered. An authenticated user can manipulate a parameter in an HTTPS transaction. The modified transaction could lead to computational...

CVE-2024-0396 Missing Server-Side Input Validation in HTTP Parameter

In Progress MOVEit Transfer versions released before 2022.0.10 14.0.10, 2022.1.11 14.1.11, 2023.0.8 15.0.8, 2023.1.3 15.1.3, an input validation issue was discovered. An authenticated user can manipulate a parameter in an HTTPS transaction. The modified transaction could lead to computational...

CVE-2024-0396 Missing Server-Side Input Validation in HTTP Parameter

In Progress MOVEit Transfer versions released before 2022.0.10 14.0.10, 2022.1.11 14.1.11, 2023.0.8 15.0.8, 2023.1.3 15.1.3, an input validation issue was discovered. An authenticated user can manipulate a parameter in an HTTPS transaction. The modified transaction could lead to computational...

CVE-2023-52116

Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device...

EulerOS Virtualization 2.11.1 : libxml2 (EulerOS-SA-2023-2731)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a...

EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2023-2654)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occur...

EulerOS Virtualization 2.11.0 : libxml2 (EulerOS-SA-2023-2762)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a...

EulerOS Virtualization 3.0.2.6 : kernel (EulerOS-SA-2023-1066)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In unixscmtoskb of afunix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation ...

EulerOS Virtualization 3.0.6.6 : libxml2 (EulerOS-SA-2023-3404)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a...

EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2023-2696)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occur...