Lucene search
K

6037 matches found

The Hacker News
The Hacker News
added 2024/11/13 7:14 a.m.18 views

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager NTLM and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 202...

9.9CVSS8.9AI score0.81817EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.6 views

The vulnerability of the Task Scheduler in Windows operating systems allows a malicious individual to escalate their privileges.

The vulnerability of the Task Scheduler in Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to increase their privileges, provided that a specially crafted application is executed. Additionally, updates from...

8.8CVSS7.8AI score0.13719EPSS
Exploits1References2
Talos Blog
Talos Blog
added 2024/11/12 11:11 p.m.31 views

November Patch Tuesday release contains three critical remote code execution vulnerabilities

The Patch Tuesday for November of 2024 includes 89 vulnerabilities, including four that Microsoft marked as "critical." The remaining vulnerabilities listed are classified as "important." Microsoft assessed that exploitation of the four "critical" vulnerabilities is "less likely." CVE-2024-43639 ...

9.9CVSS10AI score0.81817EPSS
Exploits3
Krebs on Security
Krebs on Security
added 2024/11/12 9:59 p.m.44 views

Microsoft Patch Tuesday, November 2024 Edition

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed...

9.8CVSS9AI score0.81817EPSS
Exploits2
Qualys Blog
Qualys Blog
added 2024/11/12 7:59 p.m.37 views

Microsoft and Adobe Patch Tuesday, November 2024 Security Update Review

Microsoft has released its November 2024 Patch Tuesday updates, targeting various vulnerabilities that could impact users and organizations worldwide. From zero-day threats to key product patches, here’s what’s crucial to apply this month. Here’s a breakdown of the updates and how they impact you...

9.8CVSS9.2AI score0.81817EPSS
Exploits3
NCSC
NCSC
added 2024/11/12 6:53 p.m.7 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Execution of arbitrary code User Rights - Execution of arbitrary code System Rights - Obtaining...

9.8CVSS8.8AI score0.81817EPSS
Exploits3
NVD
NVD
added 2024/11/12 6:15 p.m.66 views

CVE-2024-49039

Windows Task Scheduler Elevation of Privilege Vulnerability...

8.8CVSS0.13719EPSS
Exploits1References2
OSV
OSV
added 2024/11/12 6:15 p.m.2 views

CVE-2024-49039

Windows Task Scheduler Elevation of Privilege Vulnerability...

8.8CVSS7.4AI score0.13719EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/12 5:54 p.m.44 views

CVE-2024-49039 Windows Task Scheduler Elevation of Privilege Vulnerability

...

8.8CVSS0.13719EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/12 5:54 p.m.22 views

CVE-2024-49039 Windows Task Scheduler Elevation of Privilege Vulnerability

...

8.8CVSS7AI score0.13719EPSS
Exploits1References1
CVE
CVE
added 2024/11/12 5:54 p.m.434 views

CVE-2024-49039

CVE-2024-49039 is a Windows Task Scheduler privilege-escalation vulnerability. An authenticated local attacker can elevate privileges outside of AppContainer and access privileged RPC functions via the Task Scheduler, enabling local privilege escalation with high impact (CVE-2024-49039). There ar...

8.8CVSS8.6AI score0.13719EPSS
In wildExploits1References2Affected Software13
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.6 views

kernel: Revert "sched/fair: Make sure to try to detach at least one movable task"

In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load balancing logic to ignore env.maxloop if all tasks examined to...

5.5CVSS6.4AI score0.00166EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: powerpc/smp: do not decrement idle task preempt count in CPU offline

A vulnerability was found in the Linux kernel's powerpc/smp architecture, where the idle task's preemption count was incorrectly decremented during the CPU offline process. This issue caused a "scheduling while atomic" error when a CPU was offlined and then onlined again, leading to potential...

5.5CVSS7.2AI score0.00225EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: io_uring/rsrc: don't lock while !TASK_RUNNING

In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: don't lock while !TASKRUNNING There is a report of iorsrcrefquiesce locking a mutex while not TASKRUNNING, which is due to forgetting restoring the state back after ioruntaskworksig and attempts to break out of the...

5.5CVSS6.8AI score0.00212EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.2 views

kernel: drm/amdgpu: change vm->task_info handling

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: change vm-taskinfo handling This patch changes the handling and lifecycle of vm-taskinfo object. The major changes are: - vm-taskinfo is a dynamically allocated ptr now, and its uasge is reference counted. - introduci...

5.5CVSS6.8AI score0.0018EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.6 views

kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats

A vulnerability was found in the dotaskstat function in the Linux kernel, where due to excessive lock contention, a potential hard lockup could be created. This can create a performance bottleneck and lead to kernel unresponsiveness...

5.5CVSS7.1AI score0.00213EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle()

A hung task warning issue was found in the RCU scaling test module. When the holdoff parameter exceeds hungtasktimeoutsecs, the kernel logs a hung task warning for the rcuscalewriter kthread...

5.7AI score0.00168EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

kernel: perf: Fix event leak upon exec and file release

Linux kernel perf pending task work is never waited upon the matching event release; in the case of a child event, released via freeevent directly, this can potentially result in a leaked event...

5.5CVSS7.3AI score0.0021EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.2 views

kernel: perf: Fix event leak upon exit

A logical flaw exists in the Linux kernel. When a task is scheduled, pending sigtrap deliveries are deferred to the target task upon resuming to userspace via taskwork. However, failures are ignored while adding an event's callback to the taskwork engine. Since the last call for the event exit...

5.5CVSS7.2AI score0.0021EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible

A vulnerability was found in the Linux kernel's qedf driver function qedfexecutetmf, where the function call smpprocessorid is done from preemptible code before acquiring a lock which can result in BUGON when running an RT kernel. This can result in system inconsistencies...

5.5CVSS7.3AI score0.00253EPSS
Exploits0References5
Rows per page
Query Builder