Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-27834
The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
2 Articles
NA
CVE-2024-4559
Heap buffer overflow in WebAudio in Google Chrome before 124.0.6367.155 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 Article
NA
CVE-2024-4558
Use after free in ANGLE in Google Chrome before 124.0.6367.155 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 Article
NA
CVE-2024-4331
Use after free in Picture In Picture in Google Chrome before 124.0.6367.118 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 Article
NA
CVE-2024-4368
Use after free in Dawn in Google Chrome before 124.0.6367.118 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 Article
NA
CVE-2024-31747
An issue in Yealink VP59 Microsoft Teams Phone firmware 91.15.0.118 (fixed in 122.15.0.142) allows a physically proximate malicious user to disable the phone lock via the Walkie Talkie menu option.
NA
CVE-2024-1874
In PHP versions 8.1.* prior to 8.1.28, 8.2.* prior to 8.2.18, 8.3.* prior to 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that woul...
1 Github repository
NA
CVE-2024-28240
The GLPI Agent is a generic management agent. A vulnerability that only affects GLPI-Agent installed on windows via MSI packaging can allow a local user to cause denial of agent service by replacing GLPI server url with a wrong url or disabling the service. Additionally, in the c...
5
CVSSv3
CVE-2024-29991
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
5.4
CVSSv3
CVE-2024-29986
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »