Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-27834
The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
2 Articles
NA
CVE-2024-4558
Use after free in ANGLE in Google Chrome before 124.0.6367.155 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 Article
NA
CVE-2024-4559
Heap buffer overflow in WebAudio in Google Chrome before 124.0.6367.155 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 Article
NA
CVE-2024-4368
Use after free in Dawn in Google Chrome before 124.0.6367.118 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 Article
NA
CVE-2024-4331
Use after free in Picture In Picture in Google Chrome before 124.0.6367.118 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1 Article
NA
CVE-2024-31747
An issue in Yealink VP59 Microsoft Teams Phone firmware 91.15.0.118 (fixed in 122.15.0.142) allows a physically proximate malicious user to disable the phone lock via the Walkie Talkie menu option.
NA
CVE-2024-1874
In PHP versions 8.1.* prior to 8.1.28, 8.2.* prior to 8.2.18, 8.3.* prior to 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that woul...
1 Github repository
NA
CVE-2024-28240
The GLPI Agent is a generic management agent. A vulnerability that only affects GLPI-Agent installed on windows via MSI packaging can allow a local user to cause denial of agent service by replacing GLPI server url with a wrong url or disabling the service. Additionally, in the c...
NA
CVE-2024-29991
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
NA
CVE-2024-29986
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »