cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21412,https://securityvulnerability.io/vulnerability/CVE-2024-21412,Newly Discovered Vulnerability Allows Attackers to Bypass Security Measures,"A security feature bypass vulnerability exists in Internet Shortcut Files, which allows attackers to potentially exploit weaknesses in the way these files are processed. This vulnerability can allow unauthorized actions that compromise user trust and system integrity. Organizations utilizing affected Microsoft products should implement necessary security measures and apply the latest updates to mitigate potential risks associated with this vulnerability.",Microsoft,"Windows 11 Version 21h2,Windows 10 Version 1809,Windows 10 Version 21h2,Windows Server 2022,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2019,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows Server 2019 (server Core Installation)",8.1,HIGH,0.03175999969244003,true,2024-02-13T00:00:00.000Z,true,true,true,2024-02-12T23:00:00.000Z,true,true,true,2024-02-16T13:52:02.994Z,2024-02-13T18:02:49.184Z,41349
CVE-2024-21413,https://securityvulnerability.io/vulnerability/CVE-2024-21413,Remote Code Execution Vulnerability Affects Microsoft Outlook,"A remote code execution vulnerability in Microsoft Outlook allows an attacker to run arbitrary code on a user's system. This can occur when the vulnerable version processes specially crafted email messages, which can result in unauthorized access or control over the affected system. Attackers can exploit this vulnerability without user interaction by enticing victims to open a malicious email. Organizations using vulnerable Outlook versions are highly recommended to apply security updates to mitigate potential risks.",Microsoft,"Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office Ltsc 2021,Microsoft Office 2016",9.8,CRITICAL,0.0005300000193528831,false,,true,true,true,2024-02-14T13:17:19.000Z,true,true,true,2024-02-16T18:52:03.009Z,2024-02-13T18:02:24.799Z,69770
CVE-2024-21338,https://securityvulnerability.io/vulnerability/CVE-2024-21338,Windows Kernel Elevation of Privilege Vulnerability,"The Windows Kernel Elevation of Privilege Vulnerability poses a significant security concern for users of Microsoft Windows operating systems. This vulnerability allows an attacker to execute code with elevated privileges, potentially enabling unauthorized access to the system and modifications to critical system processes. Exploitation of this flaw can lead to significant security breaches, as attackers may gain the ability to install programs, view, change, or delete data, and create new accounts with full user rights. Timely software updates and security patches are essential to mitigate the risks associated with this vulnerability.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation)",7.8,HIGH,0.0017500000540167093,true,2024-03-04T00:00:00.000Z,true,true,true,2024-02-29T10:28:36.000Z,true,true,true,2024-03-04T06:52:03.115Z,2024-02-13T18:02:09.738Z,15199
CVE-2024-21378,https://securityvulnerability.io/vulnerability/CVE-2024-21378,Remote Code Execution Vulnerability Affects Microsoft Outlook,"The vulnerability in Microsoft Outlook enables remote code execution, which can allow an attacker to execute arbitrary code on the victim's system. This security flaw arises when Outlook improperly handles specific types of emails, potentially enabling threat actors to exploit this gap. Successful exploitation could result in unauthorized access to sensitive information, system compromise, and disruption of services. It is imperative for users to apply security updates and remain vigilant against suspicious emails and attachments to mitigate risks.",Microsoft,"Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office Ltsc 2021,Microsoft Outlook 2016",8.8,HIGH,0.0006399999838322401,false,,true,false,true,2024-03-12T23:19:45.000Z,true,true,true,2024-03-13T22:52:02.682Z,2024-02-13T18:02:42.999Z,8384
CVE-2024-30078,https://securityvulnerability.io/vulnerability/CVE-2024-30078,Windows Wi-Fi Driver Remote Code Execution Vulnerability,"A vulnerability exists in the Windows Wi-Fi Driver that could allow an attacker to execute arbitrary code on the affected system. This vulnerability can be exploited by sending specially crafted requests to the driver, which may lead to unauthorized access and control over the compromised system. Users are advised to apply the necessary patches and updates to mitigate the risks associated with this exploit.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",8.8,HIGH,0.0005300000193528831,false,,true,true,true,2024-06-12T14:23:53.000Z,true,true,true,2024-06-15T20:52:02.635Z,2024-06-11T16:59:44.972Z,28435
CVE-2024-30103,https://securityvulnerability.io/vulnerability/CVE-2024-30103,Remote Code Execution Vulnerability Affects Microsoft Outlook,"A remote code execution vulnerability in Microsoft Outlook allows an attacker to execute arbitrary code on a user's system. This issue arises from improper handling of data in email messages that allows attackers to craft malicious emails that, when opened, can execute code to compromise the user's system. As a precaution, users are advised to apply the latest updates provided by Microsoft to safeguard their systems.",Microsoft,"Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office Ltsc 2021,Microsoft Outlook 2016",8.8,HIGH,0.0004799999878741801,false,,true,false,true,2024-06-11T18:13:33.000Z,,true,true,2024-06-22T12:52:02.299Z,2024-06-11T17:00:04.279Z,21246
CVE-2024-38112,https://securityvulnerability.io/vulnerability/CVE-2024-38112,MSHTML Platform Spoofing Vulnerability,"The Windows MSHTML platform spoofing vulnerability allows attackers to manipulate the MSHTML platform, potentially leading to a spoofing attack that compromises the integrity of web content. Exploitation of this vulnerability could enable malicious actors to misrepresent legitimate web pages or applications, leading to unauthorized access to sensitive information or actions without user consent. Protection through regular updates and user awareness is essential to mitigate the impact of this vulnerability.",Microsoft,"Windows 10 Version 22h2,Windows 11 Version 23h2,Windows 10 Version 1507,Windows 11 Version 22h2,Windows 10 Version 1607,Windows Server 2016,Windows 10 Version 21h2,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows 10 Version 1809,Windows Server 2012 R2,Windows 11 Version 22h3,Windows Server 2012 R2 (server Core Installation),Windows Server 2022,Windows Server 2022, 23h2 Edition (server Core Installation),Windows Server 2019 (server Core Installation),Windows 11 Version 21h2,Windows Server 2019",7.5,HIGH,0.004980000201612711,true,2024-07-09T00:00:00.000Z,true,true,true,2024-07-09T00:00:00.000Z,,true,true,2024-07-29T03:52:02.508Z,2024-07-09T17:02:38.208Z,83541
CVE-2024-38077,https://securityvulnerability.io/vulnerability/CVE-2024-38077,Remote Desktop Licensing Service Remote Code Execution Vulnerability,"A vulnerability exists in the Windows Remote Desktop Licensing Service that could allow an attacker to execute remote code on the affected systems. This security issue can be exploited through specially crafted requests to the service, leading to potential unauthorized access and control of the system. It is crucial for organizations to apply security updates and patches provided by Microsoft to mitigate the risk associated with this vulnerability. Regularly reviewing security practices and maintaining updated systems are essential measures to protect against such threats.",Microsoft,"Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows Server 2022, 23h2 Edition (server Core Installation),Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",9.8,CRITICAL,0.0005300000193528831,false,,true,true,true,2024-08-09T04:10:32.000Z,true,true,true,2024-08-10T08:52:02.875Z,2024-07-09T17:15:00.000Z,14977
CVE-2024-38063,https://securityvulnerability.io/vulnerability/CVE-2024-38063,Windows TCP/IP Remote Code Execution Vulnerability,"An identified vulnerability in the Windows TCP/IP stack permits an unauthorized attacker to execute arbitrary code on vulnerable systems. By sending specially crafted packets, an assailant can gain control over the affected system, enabling potential unauthorized access, data theft, or further system compromise. This vulnerability underscored the critical need for diligent patching and security measures for Windows environments, particularly within enterprise networks. Affected versions include multiple editions of Windows, and mitigation involves immediate application of security updates as provided by Microsoft.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation),Windows 11 Version 24h2",9.8,CRITICAL,0.0011599999852478504,false,,true,false,true,2024-08-14T01:45:21.000Z,true,true,true,2024-08-14T15:52:02.274Z,2024-08-13T17:29:58.392Z,130928
CVE-2024-43491,https://securityvulnerability.io/vulnerability/CVE-2024-43491,Windows 10 Version 1507 Faces Vulnerability Due to Rollback of Previous Fixes,"A vulnerability in the Servicing Stack of Microsoft Windows 10 has resulted in the rollback of security fixes for certain Optional Components on Windows 10, version 1507. This issue allows for the potential exploitation of vulnerabilities that were previously mitigated. Systems running the affected versions, specifically Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB, may face increased risk after installing the Windows security update KB5035858 released on March 12, 2024. Organizations are encouraged to apply the September 2024 Servicing Stack Update (SSU KB5043936) followed by the September 2024 Windows security update (KB5043083) to address these vulnerabilities. It's important to note that Windows 10, version 1507 reached end of support on May 9, 2017, and only specific editions remain supported.",Microsoft,Windows 10 Version 1507,9.8,CRITICAL,0.0010100000072270632,true,2024-09-10T00:00:00.000Z,true,false,true,2024-09-10T00:00:00.000Z,,true,true,2024-09-16T00:52:02.742Z,2024-09-10T16:54:20.436Z,4908
CVE-2024-38014,https://securityvulnerability.io/vulnerability/CVE-2024-38014,Elevation of Privilege Vulnerability Affects Windows Installer,"A vulnerability exists within the Windows Installer component that allows attackers to gain elevated privileges on affected systems. This weakness can be exploited to perform unauthorized actions on the system, compromising security and data integrity. Users are encouraged to review the associated updates and apply necessary patches to mitigate the risks associated with this vulnerability.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",7.8,HIGH,0.1057099997997284,true,2024-09-10T00:00:00.000Z,true,false,true,2024-09-10T00:00:00.000Z,,true,true,2024-09-16T02:52:02.880Z,2024-09-10T16:53:54.780Z,5207
CVE-2024-49112,https://securityvulnerability.io/vulnerability/CVE-2024-49112,Remote Code Execution Vulnerability in Windows Lightweight Directory Access Protocol,"A vulnerability exists within the Windows Lightweight Directory Access Protocol (LDAP), which allows for the execution of remote code. This flaw could enable an attacker to send specially crafted requests to the LDAP server, leading to potential unauthorized access and manipulation of system resources. Organizations utilizing affected versions of Windows should prioritize patching to mitigate the risk associated with this vulnerability.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",9.8,CRITICAL,0.0005200000014156103,false,,false,false,true,2024-12-16T22:41:40.000Z,true,true,true,2024-12-16T23:52:02.237Z,2024-12-12T02:04:00.000Z,22917
CVE-2025-21316,https://securityvulnerability.io/vulnerability/CVE-2025-21316,Windows Kernel Memory Information Disclosure Vulnerability,"The Windows Kernel Memory Information Disclosure vulnerability allows unauthorized users to access sensitive information stored in memory. This exposure can compromise system integrity and user data, making it crucial for organizations to understand the implications and apply necessary security patches to mitigate potential threats.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",5.5,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,true,true,2025-01-21T21:52:02.463Z,2025-01-14T18:03:57.038Z,10063
CVE-2025-21298,https://securityvulnerability.io/vulnerability/CVE-2025-21298,Windows OLE Remote Code Execution Vulnerability in Microsoft Products,"The Windows OLE Remote Code Execution Vulnerability allows an attacker to execute arbitrary code on an affected system via maliciously crafted OLE objects. Successful exploitation could enable attackers to install programs; view, change, or delete data; or create new accounts with full user rights. It's imperative for users to apply the necessary patches and updates provided by Microsoft to mitigate risks associated with this vulnerability.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",9.8,CRITICAL,0.0005300000193528831,false,,true,false,true,2025-01-16T12:50:00.000Z,true,true,true,2025-01-23T21:52:02.479Z,2025-01-14T18:03:51.083Z,14934
CVE-2025-21293,https://securityvulnerability.io/vulnerability/CVE-2025-21293,Active Directory Elevation of Privilege Vulnerability in Microsoft Products,"This vulnerability in Active Directory Domain Services allows attackers to gain elevated privileges within the system, potentially leading to unauthorized access and control over sensitive resources. By exploiting this flaw, an attacker could perform actions that exceed their intended access rights, resulting in significant security risks for affected environments. It is essential for administrators to implement appropriate security measures and updates to protect their systems against this vulnerability.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",8.8,HIGH,0.0005300000193528831,false,,true,false,true,2025-02-04T03:26:26.000Z,false,true,false,,2025-01-14T18:03:48.110Z,4434
CVE-2024-43468,https://securityvulnerability.io/vulnerability/CVE-2024-43468,Remote Code Execution Vulnerability Affects Microsoft Configuration Manager,"The vulnerability in Microsoft Configuration Manager allows remote code execution, potentially enabling attackers to gain control over affected systems. This security flaw can be exploited if an attacker sends a specially crafted request to the vulnerable application, leading to unauthorized execution of malicious code. Organizations using impacted versions of Microsoft Configuration Manager should prioritize applying available updates to mitigate risks associated with this vulnerability.",Microsoft,Microsoft Configuration Manager,9.8,CRITICAL,0.0005200000014156103,false,,true,false,true,2024-10-12T12:21:55.000Z,true,true,false,,2024-10-08T17:35:48.428Z,3239
CVE-2025-21333,https://securityvulnerability.io/vulnerability/CVE-2025-21333,Elevated Privilege Exposure in Windows Hyper-V by Microsoft,"A vulnerability has been identified in Windows Hyper-V, specifically related to the NT Kernel Integration Virtual Service Provider (VSP). This flaw allows an attacker to gain elevated privileges through carefully crafted input, potentially leading to unauthorized access and control over the host system. Users of Windows Hyper-V on various Windows platforms should prioritize applying security updates to mitigate risks associated with this vulnerability. For more details, visit the Microsoft Security Response Center.",Microsoft,"Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025",7.8,HIGH,0.0005099999834783375,true,2025-01-14T00:00:00.000Z,false,false,true,2025-01-14T00:00:00.000Z,false,true,false,,2025-01-14T18:04:50.962Z,5087
CVE-2024-49113,https://securityvulnerability.io/vulnerability/CVE-2024-49113,Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability,"The Windows Lightweight Directory Access Protocol (LDAP) Denial of Service vulnerability can cause significant disruptions in the availability of directory services. This issue arises from insufficient handling of certain types of LDAP requests, leading to scenarios where a targeted denial of service attack may disrupt normal operations. Organizations utilizing affected versions of Windows Server and Windows operating systems should be aware of the potential impact on their directory services operations and consider implementing recommended security updates to mitigate risks.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",7.5,HIGH,0.0005200000014156103,false,,true,false,true,2025-01-09T13:16:06.000Z,,true,false,,2024-12-12T02:04:00.000Z,5680
CVE-2024-30085,https://securityvulnerability.io/vulnerability/CVE-2024-30085,Elevation of Privilege Vulnerability in Microsoft Windows Cloud Files Mini Filter Driver,"The Windows Cloud Files Mini Filter Driver contains a vulnerability that could allow an attacker to execute arbitrary code with elevated privileges on affected systems. By manipulating the Mini Filter Driver, an attacker can bypass security measures that protect user data and system integrity. This vulnerability poses significant risks, especially in environments that rely heavily on cloud file services. It is crucial for organizations to apply security patches and implement best practices to mitigate potential exploitation risks.",Microsoft,"Windows 11 Version 21h2,Windows Server 2022,Windows 10 Version 1809,Windows Server 2019 (server Core Installation),Windows Server 2019,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 11 Version 22h3,Windows 10 Version 22h2,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation)",7.8,HIGH,0.0005499999970197678,false,,true,false,true,2024-12-20T08:29:09.000Z,true,true,false,,2024-06-11T16:59:54.339Z,2985
CVE-2024-49138,https://securityvulnerability.io/vulnerability/CVE-2024-49138,Windows Common Log File System Driver Elevation of Privilege Vulnerability,"The vulnerability in the Windows Common Log File System Driver allows attackers to gain elevated privileges on affected Windows systems. This can lead to unauthorized actions being performed, potentially compromising system integrity. Proper security measures and timely updates are essential to protect against exploitation. Users are urged to apply the necessary patches to mitigate risks associated with this vulnerability, ensuring their systems remain secure against potential threats. For further details on remediation, please refer to the official vendor advisory.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",7.8,HIGH,0.000539999979082495,true,2024-12-10T00:00:00.000Z,true,false,true,2024-12-10T00:00:00.000Z,true,true,false,,2024-12-12T02:04:00.000Z,5242
CVE-2024-49039,https://securityvulnerability.io/vulnerability/CVE-2024-49039,Elevation of Privilege Vulnerability Affects Windows Task Scheduler,"The vulnerability in the Windows Task Scheduler allows attackers to gain elevated privileges on affected systems. Exploitation of this flaw could enable unauthorized access to sensitive data and system controls, posing significant risks to organizational security. This vulnerability underscores the importance of timely patch management and security updates to protect against potential threats.",Microsoft,"Windows Server 2025,Windows Server 2025 (server Core Installation),Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation)",8.8,HIGH,0.006769999861717224,true,2024-11-12T00:00:00.000Z,true,true,true,2024-11-12T00:00:00.000Z,true,true,false,,2024-11-12T18:15:00.000Z,2026
CVE-2024-43451,https://securityvulnerability.io/vulnerability/CVE-2024-43451,Windows Under Attack: NTLM Hash Disclosure Spoofing Vulnerability Threatens User Credentials,"The NTLM hash disclosure spoofing vulnerability allows an attacker to exploit the NTLM authentication protocol, potentially leading to unauthorized access to sensitive information. This vulnerability can facilitate attacks by disclosing hashed credentials, which may be leveraged for further exploitation within the affected systems. Organizations utilizing affected Microsoft products should apply security recommendations promptly to mitigate any risks associated with this vulnerability.",Microsoft,"Windows Server 2025,Windows Server 2025 (server Core Installation),Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",6.5,MEDIUM,0.013269999995827675,true,2024-11-12T00:00:00.000Z,true,true,true,2024-11-12T00:00:00.000Z,true,true,false,,2024-11-12T18:15:00.000Z,9235
CVE-2024-38178,https://securityvulnerability.io/vulnerability/CVE-2024-38178,Memory Corruption Vulnerability in Scripting Engine Could Allow for Code Execution,"A vulnerability exists within the scripting engine that, if exploited, allows an attacker to corrupt memory. This could enable the execution of arbitrary code in the context of the user running the application. Successful exploitation may result in unauthorized data access, system instability, or allowing an attacker to install programs, view, change, or delete data. Users of affected products should ensure that they are using the latest security updates to mitigate exposure to this risk.",Microsoft,"Windows 11 Version 24h2,Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",7.5,HIGH,0.013849999755620956,true,2024-08-13T00:00:00.000Z,true,true,true,2024-08-13T00:00:00.000Z,,true,false,,2024-08-13T17:29:50.491Z,5071
CVE-2024-30088,https://securityvulnerability.io/vulnerability/CVE-2024-30088,Windows Kernel Elevation of Privilege Vulnerability,"This vulnerability allows an attacker to execute arbitrary code with elevated privileges, potentially gaining control over the affected system. By exploiting the fault in the Windows Kernel, the attacker could leverage this to manipulate system processes and escalate privileges, making it a significant concern for system integrity. Timely security updates and mitigating measures are essential to safeguard systems affected by this vulnerability.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation)",7,HIGH,0.005059999879449606,true,2024-10-15T00:00:00.000Z,true,true,true,2024-06-13T09:39:52.000Z,true,true,false,,2024-06-11T16:59:56.041Z,4430
CVE-2024-38206,https://securityvulnerability.io/vulnerability/CVE-2024-38206,Bypassing SSRF Protection Leaks Sensitive Information,"An authenticated attacker can exploit a vulnerability in Microsoft Copilot Studio that enables bypassing of Server-Side Request Forgery (SSRF) protections, resulting in the potential leakage of sensitive information across the network. This situation highlights the critical need for organizations to implement robust security measures to safeguard against unauthorized access and to regularly update their systems to mitigate such vulnerabilities. Microsoft has issued guidance on recognizing and addressing this issue in affected versions of the product.",Microsoft,Microsoft Copilot Studio,8.5,HIGH,0.0006300000241026282,false,,true,false,true,2024-08-21T11:59:17.000Z,,true,false,,2024-08-06T22:15:00.000Z,4533