ISHACK AI BOT

Alma Linux: CVE-2024-6604: Important: firefox security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 07/20/2024 Added 07/19/2024 Modified 09/19/2024 Description Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Solution(s) alma-upgrade-firefox alma-upgrade-firefox-x11 alma-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-6604 CVE - 2024-6604 https://errata.almalinux.org/8/ALSA-2024-4517.html https://errata.almalinux.org/8/ALSA-2024-4635.html https://errata.almalinux.org/9/ALSA-2024-4500.html https://errata.almalinux.org/9/ALSA-2024-4624.html

Alma Linux: CVE-2024-6501: Low: NetworkManager security update (ALSA-2024-9317) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/19/2024 Description A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service. Solution(s) alma-upgrade-networkmanager alma-upgrade-networkmanager-adsl alma-upgrade-networkmanager-bluetooth alma-upgrade-networkmanager-cloud-setup alma-upgrade-networkmanager-config-connectivity-redhat alma-upgrade-networkmanager-config-server alma-upgrade-networkmanager-dispatcher-routing-rules alma-upgrade-networkmanager-initscripts-updown alma-upgrade-networkmanager-libnm alma-upgrade-networkmanager-libnm-devel alma-upgrade-networkmanager-ovs alma-upgrade-networkmanager-ppp alma-upgrade-networkmanager-team alma-upgrade-networkmanager-tui alma-upgrade-networkmanager-wifi alma-upgrade-networkmanager-wwan References https://attackerkb.com/topics/cve-2024-6501 CVE - 2024-6501 https://errata.almalinux.org/9/ALSA-2024-9317.html

Gentoo Linux: CVE-2024-6612: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 12/10/2024 Added 12/09/2024 Modified 12/09/2024 Description CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-6612 CVE - 2024-6612 202412-04

Gentoo Linux: CVE-2024-6608: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 07/09/2024 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-6608 CVE - 2024-6608 202412-04

Gentoo Linux: CVE-2024-6601: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 12/10/2024 Added 12/09/2024 Modified 12/09/2024 Description A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Solution(s) gentoo-linux-upgrade-dev-lang-spidermonkey gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-6601 CVE - 2024-6601 202412-04 202412-06 202412-13

Ubuntu: USN-6889-1 (CVE-2024-35264): .NET vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description .NET and Visual Studio Remote Code Execution Vulnerability Solution(s) ubuntu-upgrade-aspnetcore-runtime-6-0 ubuntu-upgrade-aspnetcore-runtime-8-0 ubuntu-upgrade-dotnet-host ubuntu-upgrade-dotnet-host-8-0 ubuntu-upgrade-dotnet-hostfxr-6-0 ubuntu-upgrade-dotnet-hostfxr-8-0 ubuntu-upgrade-dotnet-runtime-6-0 ubuntu-upgrade-dotnet-runtime-8-0 ubuntu-upgrade-dotnet-sdk-6-0 ubuntu-upgrade-dotnet-sdk-8-0 ubuntu-upgrade-dotnet6 ubuntu-upgrade-dotnet8 References https://attackerkb.com/topics/cve-2024-35264 CVE - 2024-35264 USN-6889-1

Microsoft Office: CVE-2024-38020: Microsoft Outlook Spoofing Vulnerability Severity 4 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 09/10/2024 Description Microsoft Outlook Spoofing Vulnerability Solution(s) microsoft-office_2016-kb5002620 microsoft-outlook_2016-kb5002621 office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2024-38020 CVE - 2024-38020 https://support.microsoft.com/help/5002620 https://support.microsoft.com/help/5002621

Rocky Linux: CVE-2024-30105: dotnet8.0 (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/09/2024 Created 07/16/2024 Added 07/16/2024 Modified 01/28/2025 Description .NET and Visual Studio Denial of Service Vulnerability Solution(s) rocky-upgrade-aspnetcore-runtime-8.0 rocky-upgrade-aspnetcore-runtime-dbg-8.0 rocky-upgrade-aspnetcore-targeting-pack-8.0 rocky-upgrade-dotnet rocky-upgrade-dotnet-apphost-pack-8.0 rocky-upgrade-dotnet-apphost-pack-8.0-debuginfo rocky-upgrade-dotnet-host rocky-upgrade-dotnet-host-debuginfo rocky-upgrade-dotnet-hostfxr-8.0 rocky-upgrade-dotnet-hostfxr-8.0-debuginfo rocky-upgrade-dotnet-runtime-8.0 rocky-upgrade-dotnet-runtime-8.0-debuginfo rocky-upgrade-dotnet-runtime-dbg-8.0 rocky-upgrade-dotnet-sdk-8.0 rocky-upgrade-dotnet-sdk-8.0-debuginfo rocky-upgrade-dotnet-sdk-8.0-source-built-artifacts rocky-upgrade-dotnet-sdk-dbg-8.0 rocky-upgrade-dotnet-targeting-pack-8.0 rocky-upgrade-dotnet-templates-8.0 rocky-upgrade-dotnet8.0-debuginfo rocky-upgrade-dotnet8.0-debugsource rocky-upgrade-netstandard-targeting-pack-2.1 References https://attackerkb.com/topics/cve-2024-30105 CVE - 2024-30105 https://errata.rockylinux.org/RLSA-2024:4450 https://errata.rockylinux.org/RLSA-2024:4451

Ubuntu: USN-6890-1 (CVE-2024-6615): Firefox vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 07/12/2024 Added 07/11/2024 Modified 10/23/2024 Description Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2024-6615 CVE - 2024-6615 USN-6890-1

Rocky Linux: CVE-2024-6604: thunderbird (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 07/16/2024 Added 07/16/2024 Modified 11/18/2024 Description Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-6604 CVE - 2024-6604 https://errata.rockylinux.org/RLSA-2024:4500 https://errata.rockylinux.org/RLSA-2024:4624 https://errata.rockylinux.org/RLSA-2024:4635

Ubuntu: (Multiple Advisories) (CVE-2024-6603): Firefox vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 07/12/2024 Added 07/11/2024 Modified 07/23/2024 Description In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-6603 CVE - 2024-6603 USN-6890-1 USN-6903-1

Rocky Linux: CVE-2024-6603: thunderbird (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 07/16/2024 Added 07/16/2024 Modified 11/18/2024 Description In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-6603 CVE - 2024-6603 https://errata.rockylinux.org/RLSA-2024:4500 https://errata.rockylinux.org/RLSA-2024:4624 https://errata.rockylinux.org/RLSA-2024:4635

Rocky Linux: CVE-2024-35264: dotnet8.0 (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/16/2024 Added 07/16/2024 Modified 01/28/2025 Description .NET and Visual Studio Remote Code Execution Vulnerability Solution(s) rocky-upgrade-aspnetcore-runtime-8.0 rocky-upgrade-aspnetcore-runtime-dbg-8.0 rocky-upgrade-aspnetcore-targeting-pack-8.0 rocky-upgrade-dotnet rocky-upgrade-dotnet-apphost-pack-8.0 rocky-upgrade-dotnet-apphost-pack-8.0-debuginfo rocky-upgrade-dotnet-host rocky-upgrade-dotnet-host-debuginfo rocky-upgrade-dotnet-hostfxr-8.0 rocky-upgrade-dotnet-hostfxr-8.0-debuginfo rocky-upgrade-dotnet-runtime-8.0 rocky-upgrade-dotnet-runtime-8.0-debuginfo rocky-upgrade-dotnet-runtime-dbg-8.0 rocky-upgrade-dotnet-sdk-8.0 rocky-upgrade-dotnet-sdk-8.0-debuginfo rocky-upgrade-dotnet-sdk-8.0-source-built-artifacts rocky-upgrade-dotnet-sdk-dbg-8.0 rocky-upgrade-dotnet-targeting-pack-8.0 rocky-upgrade-dotnet-templates-8.0 rocky-upgrade-dotnet8.0-debuginfo rocky-upgrade-dotnet8.0-debugsource rocky-upgrade-netstandard-targeting-pack-2.1 References https://attackerkb.com/topics/cve-2024-35264 CVE - 2024-35264 https://errata.rockylinux.org/RLSA-2024:4450 https://errata.rockylinux.org/RLSA-2024:4451

Ubuntu: USN-6890-1 (CVE-2024-6608): Firefox vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 07/09/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2024-6608 CVE - 2024-6608 USN-6890-1

Ubuntu: USN-6890-1 (CVE-2024-6611): Firefox vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 07/12/2024 Added 07/11/2024 Modified 10/23/2024 Description A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2024-6611 CVE - 2024-6611 USN-6890-1

Ubuntu: USN-6890-1 (CVE-2024-6606): Firefox vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 07/12/2024 Added 07/11/2024 Modified 11/29/2024 Description Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2024-6606 CVE - 2024-6606 USN-6890-1

MFSA2024-29 Firefox: Security Vulnerabilities fixed in Firefox 128 (CVE-2024-6607) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 07/10/2024 Added 07/10/2024 Modified 07/18/2024 Description It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `&lt;select&gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) mozilla-firefox-upgrade-128_0 References https://attackerkb.com/topics/cve-2024-6607 CVE - 2024-6607 http://www.mozilla.org/security/announce/2024/mfsa2024-29.html

Ubuntu: (Multiple Advisories) (CVE-2024-6604): Firefox vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 07/12/2024 Added 07/11/2024 Modified 07/23/2024 Description Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-6604 CVE - 2024-6604 USN-6890-1 USN-6903-1

Rocky Linux: CVE-2024-22020: nodejs-18 (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 09/18/2024 Added 09/17/2024 Modified 11/18/2024 Description A security flaw in Node.jsallows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports. Exploiting this flaw can violate network import security, posing a risk to developers and servers. Solution(s) rocky-upgrade-nodejs rocky-upgrade-nodejs-debuginfo rocky-upgrade-nodejs-debugsource rocky-upgrade-nodejs-devel rocky-upgrade-nodejs-full-i18n rocky-upgrade-npm References https://attackerkb.com/topics/cve-2024-22020 CVE - 2024-22020 https://errata.rockylinux.org/RLSA-2024:5814 https://errata.rockylinux.org/RLSA-2024:5815 https://errata.rockylinux.org/RLSA-2024:6147 https://errata.rockylinux.org/RLSA-2024:6148

Microsoft Windows: CVE-2024-38079: Windows Graphics Component Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 09/06/2024 Description Windows Graphics Component Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5040448 microsoft-windows-windows_10-1607-kb5040434 microsoft-windows-windows_10-1809-kb5040430 microsoft-windows-windows_10-21h2-kb5040427 microsoft-windows-windows_10-22h2-kb5040427 microsoft-windows-windows_11-21h2-kb5040431 microsoft-windows-windows_11-22h2-kb5040442 microsoft-windows-windows_11-23h2-kb5040442 microsoft-windows-windows_server_2012-kb5040485 microsoft-windows-windows_server_2012_r2-kb5040456 microsoft-windows-windows_server_2016-1607-kb5040434 microsoft-windows-windows_server_2019-1809-kb5040430 microsoft-windows-windows_server_2022-21h2-kb5040437 microsoft-windows-windows_server_2022-22h2-kb5040437 microsoft-windows-windows_server_2022-23h2-kb5040438 msft-kb5040490-a33291f3-f1b2-46ec-995d-5a6bcd9b90c7 msft-kb5040490-ecd666b8-158c-4500-abdb-abf60983b463 msft-kb5040498-f961cc14-8b04-4069-ace4-5f938af42077 References https://attackerkb.com/topics/cve-2024-38079 CVE - 2024-38079 https://support.microsoft.com/help/5040427 https://support.microsoft.com/help/5040430 https://support.microsoft.com/help/5040431 https://support.microsoft.com/help/5040434 https://support.microsoft.com/help/5040437 https://support.microsoft.com/help/5040438 https://support.microsoft.com/help/5040442 https://support.microsoft.com/help/5040448 https://support.microsoft.com/help/5040456 https://support.microsoft.com/help/5040485 View more

Microsoft Windows: CVE-2024-38077: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 09/06/2024 Description Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5040485 microsoft-windows-windows_server_2012_r2-kb5040456 microsoft-windows-windows_server_2016-1607-kb5040434 microsoft-windows-windows_server_2019-1809-kb5040430 microsoft-windows-windows_server_2022-21h2-kb5040437 microsoft-windows-windows_server_2022-22h2-kb5040437 microsoft-windows-windows_server_2022-23h2-kb5040438 msft-kb5040490-a33291f3-f1b2-46ec-995d-5a6bcd9b90c7 msft-kb5040490-ecd666b8-158c-4500-abdb-abf60983b463 msft-kb5040498-f961cc14-8b04-4069-ace4-5f938af42077 References https://attackerkb.com/topics/cve-2024-38077 CVE - 2024-38077 https://support.microsoft.com/help/5040430 https://support.microsoft.com/help/5040434 https://support.microsoft.com/help/5040437 https://support.microsoft.com/help/5040438 https://support.microsoft.com/help/5040456 https://support.microsoft.com/help/5040485 View more

Microsoft CVE-2024-37321: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 07/24/2024 Description Microsoft CVE-2024-37321: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability Solution(s) msft-kb5040936-7fc6ee4b-10c8-4f0d-bfee-7af9fded9609-x64 msft-kb5040939-da31a30d-c2f7-4572-ba58-bf7768fdba81-x64 msft-kb5040940-e9a129ab-0013-46f1-ad94-774cdd4fbb50-x64 msft-kb5040942-03004e03-15c7-4451-b235-4988dfedd7e4-x64 msft-kb5040946-03a36e8c-1a66-4fc1-b864-e3e98bd3b365-x64 msft-kb5040948-8aff9f52-1745-404e-a0ba-c2abcd699a72-x64 msft-kb5040986-5d553aff-31db-4dd2-8bc7-3eccaf22bf65-x64 References https://attackerkb.com/topics/cve-2024-37321 CVE - 2024-37321 5040936 5040939 5040940 5040942 5040944 5040946 5040948 5040986 View more

Microsoft CVE-2024-37324: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 07/24/2024 Description Microsoft CVE-2024-37324: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability Solution(s) msft-kb5040936-7fc6ee4b-10c8-4f0d-bfee-7af9fded9609-x64 msft-kb5040939-da31a30d-c2f7-4572-ba58-bf7768fdba81-x64 msft-kb5040940-e9a129ab-0013-46f1-ad94-774cdd4fbb50-x64 msft-kb5040942-03004e03-15c7-4451-b235-4988dfedd7e4-x64 msft-kb5040946-03a36e8c-1a66-4fc1-b864-e3e98bd3b365-x64 msft-kb5040948-8aff9f52-1745-404e-a0ba-c2abcd699a72-x64 msft-kb5040986-5d553aff-31db-4dd2-8bc7-3eccaf22bf65-x64 References https://attackerkb.com/topics/cve-2024-37324 CVE - 2024-37324 5040936 5040939 5040940 5040942 5040944 5040946 5040948 5040986 View more

Microsoft CVE-2024-37326: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 07/24/2024 Description Microsoft CVE-2024-37326: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability Solution(s) msft-kb5040936-7fc6ee4b-10c8-4f0d-bfee-7af9fded9609-x64 msft-kb5040939-da31a30d-c2f7-4572-ba58-bf7768fdba81-x64 msft-kb5040940-e9a129ab-0013-46f1-ad94-774cdd4fbb50-x64 msft-kb5040942-03004e03-15c7-4451-b235-4988dfedd7e4-x64 msft-kb5040946-03a36e8c-1a66-4fc1-b864-e3e98bd3b365-x64 msft-kb5040948-8aff9f52-1745-404e-a0ba-c2abcd699a72-x64 msft-kb5040986-5d553aff-31db-4dd2-8bc7-3eccaf22bf65-x64 References https://attackerkb.com/topics/cve-2024-37326 CVE - 2024-37326 5040936 5040939 5040940 5040942 5040944 5040946 5040948 5040986 View more

Microsoft CVE-2024-37323: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 07/24/2024 Description Microsoft CVE-2024-37323: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability Solution(s) msft-kb5040936-7fc6ee4b-10c8-4f0d-bfee-7af9fded9609-x64 msft-kb5040939-da31a30d-c2f7-4572-ba58-bf7768fdba81-x64 msft-kb5040940-e9a129ab-0013-46f1-ad94-774cdd4fbb50-x64 msft-kb5040942-03004e03-15c7-4451-b235-4988dfedd7e4-x64 msft-kb5040946-03a36e8c-1a66-4fc1-b864-e3e98bd3b365-x64 msft-kb5040948-8aff9f52-1745-404e-a0ba-c2abcd699a72-x64 msft-kb5040986-5d553aff-31db-4dd2-8bc7-3eccaf22bf65-x64 References https://attackerkb.com/topics/cve-2024-37323 CVE - 2024-37323 5040936 5040939 5040940 5040942 5040944 5040946 5040948 5040986 View more