Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft windows - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1874
In PHP versions 8.1.* prior to 8.1.28, 8.2.* prior to 8.2.18, 8.3.* prior to 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that woul...
1 Github repository
NA
CVE-2024-28240
The GLPI Agent is a generic management agent. A vulnerability that only affects GLPI-Agent installed on windows via MSI packaging can allow a local user to cause denial of agent service by replacing GLPI server url with a wrong url or disabling the service. Additionally, in the c...
NA
CVE-2024-29991
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
NA
CVE-2024-23593
A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges.
1 Article
NA
CVE-2024-23594
A buffer overflow vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to execute arbitrary code.
1 Article
NA
CVE-2024-3566
A command inject vulnerability allows an malicious user to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.
1 Github repository
NA
CVE-2024-24576
Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to ...
13 Github repositories
2 Articles
NA
CVE-2024-22423
yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using `--exec` with `%q` by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion o...
1 Github repository
NA
CVE-2024-29064
Windows Hyper-V Denial of Service Vulnerability
1 Article
NA
CVE-2024-29066
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »