Описание
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions, spoof user interface.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Network Virtualization can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
- An out of bounds write vulnerability in grub can be exploited to execute arbitrary code or cause denial of service.
- An information disclosure vulnerability in Security Center Broker can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows TCP/IP can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows IP Routing Management Snapin can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Layer-2 Bridge Network Driver can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Microsoft DWM Core Library can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Kernel Streaming Service Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
- A buffer overflow vulnerability in grub_font_construct_glyph() can be exploited to bypass security restrictions.
- A remote code execution vulnerability in Windows Deployment Services can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Resource Manager PSM Service Extension can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
- A tampering vulnerability in Windows Compressed Folder can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in Shim can be exploiter remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Microsoft Local Security Authority (LSA) Server can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Clipboard Virtual Channel Extension can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Secure Kernel Mode can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Resilient File System (ReFS) can be exploited remotely to gain privileges.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
- A spoofing vulnerability in Windows DNS can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in Windows Initial Machine Configuration can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Line Printer Daemon (LPD) Service can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Mobile Broadband Driver can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Mark of the Web can be exploited remotely to bypass security restrictions.
- A remote code execution vulnerability in Windows Reliable Multicast Transport Driver (RMCAST) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Power Dependency Coordinator can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Bluetooth Driver can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows SmartScreen can be exploited remotely to bypass security restrictions.
Первичный источник обнаружения
- CVE-2024-38198
CVE-2024-38120
CVE-2024-38160
CVE-2024-38133
CVE-2022-3775
CVE-2024-38155
CVE-2024-38063
CVE-2024-38114
CVE-2024-38145
CVE-2024-38147
CVE-2024-38191
CVE-2024-38144
CVE-2024-38126
CVE-2024-38125
CVE-2024-38151
CVE-2022-2601
CVE-2024-38138
CVE-2024-38215
CVE-2024-38128
CVE-2024-29995
CVE-2024-38136
CVE-2024-38132
CVE-2024-38143
CVE-2024-38154
CVE-2024-38185
CVE-2024-38193
CVE-2024-38165
CVE-2023-40547
CVE-2024-38127
CVE-2024-38214
CVE-2024-38148
CVE-2024-38163
CVE-2024-38184
CVE-2024-38187
CVE-2024-38116
CVE-2024-38134
CVE-2024-38122
CVE-2024-38131
CVE-2024-38152
CVE-2024-38150
CVE-2024-38159
CVE-2024-38142
CVE-2024-38186
CVE-2024-38135
CVE-2024-38178
CVE-2024-38153
CVE-2024-38141
CVE-2024-38137
CVE-2024-38117
CVE-2024-37968
CVE-2024-38223
CVE-2024-38121
CVE-2024-38130
CVE-2024-38199
CVE-2024-38161
CVE-2024-38115
CVE-2024-38146
CVE-2024-38196
CVE-2024-38118
CVE-2024-38213
CVE-2024-38140
CVE-2024-38107
CVE-2024-38123
CVE-2024-38106
CVE-2024-38180
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-10
- Microsoft-Windows-Server-2016
- Microsoft-Windows-Server-2019
- Microsoft-Windows-11
- Microsoft-Remote-Desktop
- Microsoft-Windows-Server-2022
Список CVE
- CVE-2022-2601 critical
- CVE-2022-3775 high
- CVE-2023-40547 critical
- CVE-2024-38198 critical
- CVE-2024-38120 critical
- CVE-2024-38160 critical
- CVE-2024-38133 critical
- CVE-2024-38155 high
- CVE-2024-38063 critical
- CVE-2024-38114 critical
- CVE-2024-38145 critical
- CVE-2024-38147 critical
- CVE-2024-38191 critical
- CVE-2024-38144 critical
- CVE-2024-38126 critical
- CVE-2024-38125 critical
- CVE-2024-38151 high
- CVE-2024-38138 critical
- CVE-2024-38215 critical
- CVE-2024-38128 critical
- CVE-2024-29995 critical
- CVE-2024-38136 high
- CVE-2024-38132 critical
- CVE-2024-38143 warning
- CVE-2024-38154 critical
- CVE-2024-38185 critical
- CVE-2024-38193 critical
- CVE-2024-38165 high
- CVE-2024-38127 critical
- CVE-2024-38214 high
- CVE-2024-38148 critical
- CVE-2024-38163 critical
- CVE-2024-38184 critical
- CVE-2024-38187 critical
- CVE-2024-38116 critical
- CVE-2024-38134 critical
- CVE-2024-38122 high
- CVE-2024-38131 critical
- CVE-2024-38152 critical
- CVE-2024-38150 critical
- CVE-2024-38159 critical
- CVE-2024-38142 critical
- CVE-2024-38186 critical
- CVE-2024-38135 critical
- CVE-2024-38178 critical
- CVE-2024-38153 critical
- CVE-2024-38141 critical
- CVE-2024-38137 high
- CVE-2024-38117 critical
- CVE-2024-37968 critical
- CVE-2024-38223 high
- CVE-2024-38121 critical
- CVE-2024-38130 critical
- CVE-2024-38199 critical
- CVE-2024-38161 high
- CVE-2024-38115 critical
- CVE-2024-38146 critical
- CVE-2024-38196 critical
- CVE-2024-38118 high
- CVE-2024-38213 high
- CVE-2024-38140 critical
- CVE-2024-38107 critical
- CVE-2024-38123 warning
- CVE-2024-38106 high
- CVE-2024-38180 critical
Список KB
- 5039213
- 5039214
- 5039217
- 5039225
- 5039330
- 5039236
- 5039212
- 5039211
- 5039227
- 5040448
- 5040434
- 5040437
- 5040430
- 5040442
- 5040427
- 5040438
- 5040431
- 5042321
- 5041160
- 5041580
- 5042320
- 5041592
- 5041578
- 5042322
- 5041571
- 5041782
- 5041773
- 5041573
- 5041585
- 5043050
- 5043051
- 5042881
- 5043055
- 5043067
- 5043126
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!