1705 matches found
CVE-2023-29363
CVE-2023-29363 is a Windows Pragmatic General Multicast (PGM) Remote Code Execution vulnerability. The issue affects Windows message queuing in PGM server scenarios, where a remote, unauthenticated attacker could send a crafted file over the network to achieve code execution if the message-queuin...
CVE-2024-26174
CVE-2024-26174 is a Windows Kernel Information Disclosure Vulnerability. The connected sources specify the issue as an out-of-bounds read of key node security in CmpValidateHiveSecurityDescriptors when loading corrupted registry hives, enabling potential leakage of kernel/registry data. Affected ...
CVE-2024-21352
Technical details for CVE-2024-21352 are not publicly available in the provided documents; monitor for updates.
CVE-2024-21369
Technical details for CVE-2024-21369 are not publicly provided in the supplied documents. Monitor for updates from Microsoft and vulnerability feeds.
CVE-2024-21359
Technical details for CVE-2024-21359 are not provided in the connected documents. The available data only references a WDAC OLE DB provider RCE vulnerability. Monitor for official advisories to learn affected products, impact, and remediation.
CVE-2024-21375
Technical details for CVE-2024-21375 are not publicly available in the provided documents. Monitor for updates as more information may be published.
CVE-2024-21349
Technical details for CVE-2024-21349 (Microsoft ActiveX Data Objects remote code execution) are not provided in the connected documents; no affected versions, root cause, impact, or remediation are cited. Monitor for updates.
CVE-2024-21361
Technical details for CVE-2024-21361 are not publicly provided in the supplied documents; monitor for updates.
CVE-2024-21344
CVE-2024-21344 is described as a Windows NAT Denial of Service vulnerability with CVSS v3.1 base score 5.9 (Network attack, High attack complexity, No privileges, No user interaction, Availability impact). The available connected documents do not specify affected products/versions, root cause det...
CVE-2024-21430
CVE-2024-21430 is a Windows vulnerability described as a Remote Code Execution via the Windows USB Attached SCSI (UAS) protocol. The UAS handling issue is the stated root cause, with impact described as high confidentiality, integrity, and availability (per NVD metrics: CVSS 3.1 base score 6.4; a...
CVE-2024-26173
Technical details about CVE-2024-26173 are not provided in the connected documents. The materials discuss Windows registry and kernel context at a high level without concrete affected components, root cause, impact specifics, or patches. Monitor updates for official disclosures.
CVE-2024-21365
CVE-2024-21365 affects the Microsoft WDAC OLE DB provider for SQL Server and is a Remote Code Execution vulnerability. It has a CVSS v3.1 base score of 8.8 (High) with Network attack vector, Low attack complexity, No privileges required, and User interaction required; impacts Confidentiality, Int...
CVE-2017-8563
CVE-2017-8563 is an elevation-of-privilege vulnerability in Windows where Kerberos can fall back to NTLM as the default authentication protocol. The issue is exposed via LDAP/NTLM negotiation and can enable domain‑level credential abuse if NTLM relay occurs. Public documentation notes that follow...
CVE-2024-21405
CVE-2024-21405 is a Microsoft Message Queuing (MSMQ) elevation of privilege vulnerability listed among February 2024 Windows security updates (KB5034830/KB5034819/etc.). Affected component: MSMQ on Windows. Root cause and exact exploit mechanism are not detailed in the provided documents beyond t...
CVE-2025-21413
CVE-2025-21413 is a Windows Telephony Service remote code execution vulnerability. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) indicates network access, no privileges, user interaction required, with high impact to confidentiality, integrity, and availability. Connected sources conf...
CVE-2024-21391
CVE-2024-21391 affects Microsoft WDAC OLE DB provider for SQL Server and is described as a Remote Code Execution vulnerability. The initial document provides a CVSS 3.1 base score of 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and user interaction required. No specific remediati...
CVE-2024-21446
CVE-2024-21446 is an NTFS Elevation of Privilege vulnerability. The NVD entry indicates a local, low-attack-complexity flaw in NTFS that yields a high impact on confidentiality, integrity, and availability (C:H, I:H, A:H) with a base score of 7.8 (Microsoft-reported). Exploitation is listed as lo...
CVE-2024-21450
CVE-2024-21450 concerns the Microsoft WDAC OLE DB provider for SQL Server and is a remote code execution vulnerability. The CVSS 3.1 base score is 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and requires user interaction. The impact is rated as high for confidentiality, integrit...
CVE-2024-21347
Technical details for CVE-2024-21347 are not provided in the connected documents. Monitor for updates and published fixes or advisories once available.
CVE-2024-21367
Technical details for CVE-2024-21367 are not provided in the connected documents. Public information about affected components, root cause, or fixes is not included here. Monitor for updates from the vendor/Microsoft and add any official advisories when available.
CVE-2024-21441
CVE-2024-21441 affects the Microsoft WDAC OLE DB provider for SQL Server and is a Remote Code Execution vulnerability. The NVD entry rates it High (CVSS 3.1: 8.8) with NETWORK vector, LOW attack complexity, NONE privileges, and user interaction required; impacts on confidentiality, integrity, and...
CVE-2024-21406
Technical details about CVE-2024-21406 are not publicly provided in the supplied documents. No affected product/version/impact specifics are given beyond the generic description. Monitor for updates from official advisories.
CVE-2024-26197
Technical details about CVE-2024-26197 are not publicly provided in the connected documents. Monitor for updates from official sources for affected products, versions, impact, and fixes.
CVE-2024-29050
CVE-2024-29050 is confirmed to affect Windows Cryptographic Services and is categorized as a Remote Code Execution (RCE) vulnerability. The connected documents identify the component and vulnerability name but do not provide explicit root-cause specifics, affected product versions, or remediation...
CVE-2024-21360
Technical details for CVE-2024-21360 are not publicly provided in the supplied documents. Monitor for updates from Microsoft and the CVE entry.
CVE-2024-21368
Technical details (affected product, versions, root cause, impact, or fixes) are not provided in the supplied documents for CVE-2024-21368; no concrete details available. Monitor for updates.
CVE-2024-21451
No public technical details about CVE-2024-21451 are provided in the connected documents. The NVD entry notes RCE via Microsoft ODBC Driver, but remediation/affected versions are not disclosed here. Monitor for updates.
CVE-2024-21432
Technical details about CVE-2024-21432 are not publicly available in the provided documents. Monitor for updates from official advisories to obtain affected products, impact, and remediation guidance.
CVE-2024-21436
CVE-2024-21436 is a Windows Installer elevation of privilege vulnerability. The CVE entry reports a CVSS v3.1 base score of 7.8 (high) with local attack vector, low attack complexity, requiring low privileges and no user interaction; impact is high on confidentiality, integrity, and availability....
CVE-2025-21230
CVE-2025-21230 is a Denial-of-Service vulnerability in Microsoft Message Queuing (MSMQ). Connected CNVD entries explicitly describe a vulnerability in MSMQ that can be exploited to cause a DoS on the system, aligning with the CVSS vector in the CVE entry (Network, Privileges=None, User interactio...
CVE-2024-21343
CVE-2024-21343 is a Windows NAT Denial of Service vulnerability. The provided documents identify it as network‑based with impact on availability (NVD CVSSv3.1: 7.5 base, HIGH; CNA: 5.9, MEDIUM) but do not provide concrete affected product versions, root cause details, exploit information, or a sp...
CVE-2024-21371
Technical details about CVE-2024-21371 are not provided in the supplied documents. Please monitor for updates from official advisories to learn affected products, root cause, impact, and remediation.
CVE-2024-21356
CVE-2024-21356 is listed with concrete identifiers in OpenVAS entries; it corresponds to a Windows LDAP Denial of Service vulnerability with CVSS v3.1 metrics: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (base score 6.5, MEDIUM). The connected records confirm it as part of Microsoft Windows vulnerability...
CVE-2024-21434
Technical details about CVE-2024-21434 are not provided in the supplied documents. Monitor for updates from Microsoft and security feeds for affected components, root cause, impact, and fixes.
CVE-2024-20678
Public documents in the Connected set do not provide concrete technical details (affected product, root cause, impact, or remediation) for CVE-2024-20678; monitor for updates.
CVE-2024-26159
Technical details about CVE-2024-26159 are not provided in the supplied documents. The references here only reiterate the vulnerability name; monitor official advisories for updated specifics and remediation guidance.
CVE-2024-26176
CVE-2024-26176 is described in connected sources as a Windows Kernel vulnerability that causes an out-of-bounds read during symbolic-link validation in the registry path (CmpCheckValueList/CmpCheckValueList validation of symbolic links). The issue is tied to Windows kernel registry code paths and...
CVE-2024-21444
CVE-2024-21444 concerns Microsoft WDAC OLE DB provider for SQL Server and is described as a remote code execution vulnerability. The NVD entry assigns CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H with a base score of 8.8 (HIGH). Exploitation is network-based, requires user interaction, and impa...
CVE-2024-26181
CVE-2024-26181 is a Windows kernel vulnerability where exhausting the global registry quota can damage the HKLM\SAM hive, enabling local attackers to trigger a denial-of-service by blocking registry operations. The CVE is tied to out-of-resources/OOM paths in hive memory management and registry q...
CVE-2024-26182
CVE-2024-26182 is a Windows registry/hive memory corruption issue. The connected material documents a local-elevation path via hive memory corruption that targets the HKCU hive, including volatile storage, by abusing out-of-bounds cell indexes in the hive cell map. The attacker can craft a memory...
CVE-2024-21348
Technical details for CVE-2024-21348 are not provided in the supplied documents; the ICS DoS description is generic. Monitor for updates.
CVE-2024-21366
CVE-2024-21366 affects the Microsoft WDAC OLE DB provider for SQL Server and is rated CVSS v3.1 base score 8.8 (High). The vulnerability has a network attack vector with no privileges required, but user interaction is required, and the impact is High on confidentiality, integrity, and availabilit...
CVE-2024-26177
Technical details for CVE-2024-26177 are not publicly available in the provided connected documents. The material discusses Windows registry vulnerabilities broadly but does not specify affected products/versions/root causes/patches for this CVE. Monitor for updates.
CVE-2024-26178
CVE-2024-26178 is a Windows Kernel elevation-of-privilege vulnerability with a CVSS v3.1 base score of 7.8 (HIGH). It is a local attack that requires LOW privileges and has no user interaction, with high impact on confidentiality, integrity, and availability. The Initial Description lists it as a...
CVE-2024-21357
Technical details for CVE-2024-21357 are not provided in the connected documents. Monitor for updates and new disclosures.
CVE-2024-21440
CVE-2024-21440 is a Microsoft ODBC Driver remote code execution vulnerability. The entry identifies affected software as Microsoft ODBC Driver and states an RCE impact with high severity (CVSS v3.1: 8.8, Network attack vector, no privileges required, user interaction required, confidentiality, in...
CVE-2024-26214
CVE-2024-26214 affects the Microsoft WDAC ODBC Driver and is described as a remote code execution vulnerability. According to the CVE entry, the vulnerability has a CVSS v3.1 base score of 8.8 (HIGH) with Network attack vector, No privileges required, User interaction required, and impacts to con...
CVE-2024-21354
Technical details for CVE-2024-21354 are not publicly provided in the connected documents. No vendor/product specifics or remediation are included. Monitor for updates.
CVE-2024-20665
CVE-2024-20665 is described as a BitLocker Security Feature Bypass vulnerability. Per the NVD entry, the exploit requires local access (AV: Local) with high privileges (PR: High) and no user interaction (UI: None), with a impact profile of high in confidentiality, integrity, and availability, and...
CVE-2024-21439
CVE-2024-21439 is a Windows Telephony Server Elevation of Privilege vulnerability with a CVSS v3.1 base score of 7.0 (HIGH). Attack vector is LOCAL with HIGH impact on confidentiality, integrity, and availability, and the exploit requires LOW privileges and no user interaction, but the document n...