ISHACK AI BOT

Debian: CVE-2021-47211: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/10/2024 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix null pointer dereference on pointer cs_desc The pointer cs_desc return from snd_usb_find_clock_source could be null, so there is a potential null pointer dereference issue. Fix this by adding a null check before dereference. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2021-47211 CVE - 2021-47211

Amazon Linux AMI 2: CVE-2024-3446: Security patch for qemu (ALAS-2024-2572) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/09/2024 Created 06/26/2024 Added 06/26/2024 Modified 06/26/2024 Description A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host. Solution(s) amazon-linux-ami-2-upgrade-ivshmem-tools amazon-linux-ami-2-upgrade-qemu amazon-linux-ami-2-upgrade-qemu-audio-alsa amazon-linux-ami-2-upgrade-qemu-audio-oss amazon-linux-ami-2-upgrade-qemu-audio-pa amazon-linux-ami-2-upgrade-qemu-audio-sdl amazon-linux-ami-2-upgrade-qemu-block-curl amazon-linux-ami-2-upgrade-qemu-block-dmg amazon-linux-ami-2-upgrade-qemu-block-iscsi amazon-linux-ami-2-upgrade-qemu-block-nfs amazon-linux-ami-2-upgrade-qemu-block-rbd amazon-linux-ami-2-upgrade-qemu-block-ssh amazon-linux-ami-2-upgrade-qemu-common amazon-linux-ami-2-upgrade-qemu-debuginfo amazon-linux-ami-2-upgrade-qemu-guest-agent amazon-linux-ami-2-upgrade-qemu-img amazon-linux-ami-2-upgrade-qemu-kvm amazon-linux-ami-2-upgrade-qemu-kvm-core amazon-linux-ami-2-upgrade-qemu-system-aarch64 amazon-linux-ami-2-upgrade-qemu-system-aarch64-core amazon-linux-ami-2-upgrade-qemu-system-x86 amazon-linux-ami-2-upgrade-qemu-system-x86-core amazon-linux-ami-2-upgrade-qemu-ui-curses amazon-linux-ami-2-upgrade-qemu-ui-gtk amazon-linux-ami-2-upgrade-qemu-ui-sdl amazon-linux-ami-2-upgrade-qemu-user amazon-linux-ami-2-upgrade-qemu-user-binfmt amazon-linux-ami-2-upgrade-qemu-user-static References https://attackerkb.com/topics/cve-2024-3446 AL2/ALAS-2024-2572 CVE - 2024-3446

Microsoft Windows: CVE-2024-29056: Windows Authentication Elevation of Privilege Vulnerability Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/06/2024 Description Windows Authentication Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5036969 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 msft-kb5036922-1b6c2afa-24b1-40e8-bc07-9cb3aaf3e493 msft-kb5036950-1619240b-73e4-49a5-9412-39489e0e1cb4 msft-kb5036950-aeb7362d-f252-4046-a3e1-7ead5d01e242 References https://attackerkb.com/topics/cve-2024-29056 CVE - 2024-29056 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036960 https://support.microsoft.com/help/5036969 View more

Microsoft Windows: CVE-2024-28920: Secure Boot Security Feature Bypass Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 08/13/2024 Description Secure Boot Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-28920 CVE - 2024-28920 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 View more

Microsoft Windows: CVE-2024-26210: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/06/2024 Description Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5036925 microsoft-windows-windows_10-1607-kb5036899 microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2012-kb5036969 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 msft-kb5036922-1b6c2afa-24b1-40e8-bc07-9cb3aaf3e493 msft-kb5036950-1619240b-73e4-49a5-9412-39489e0e1cb4 msft-kb5036950-aeb7362d-f252-4046-a3e1-7ead5d01e242 References https://attackerkb.com/topics/cve-2024-26210 CVE - 2024-26210 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036925 https://support.microsoft.com/help/5036960 https://support.microsoft.com/help/5036969 View more

Microsoft Windows: CVE-2024-28904: Microsoft Brokering File System Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 08/13/2024 Description Microsoft Brokering File System Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-28904 CVE - 2024-28904 https://support.microsoft.com/help/5036910

Microsoft Windows: CVE-2024-21447: Windows Authentication Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 08/13/2024 Description Windows Authentication Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-21447 CVE - 2024-21447 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910

Microsoft Windows: CVE-2024-26179: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/06/2024 Description Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5036925 microsoft-windows-windows_10-1607-kb5036899 microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2012-kb5036969 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 msft-kb5036922-1b6c2afa-24b1-40e8-bc07-9cb3aaf3e493 msft-kb5036950-1619240b-73e4-49a5-9412-39489e0e1cb4 msft-kb5036950-aeb7362d-f252-4046-a3e1-7ead5d01e242 References https://attackerkb.com/topics/cve-2024-26179 CVE - 2024-26179 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036925 https://support.microsoft.com/help/5036960 https://support.microsoft.com/help/5036969 View more

Microsoft Windows: CVE-2024-26168: Secure Boot Security Feature Bypass Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/05/2024 Description Secure Boot Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5036925 microsoft-windows-windows_10-1607-kb5036899 microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-26168 CVE - 2024-26168 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036925 https://support.microsoft.com/help/5036960 View more

Fortinet FortiOS: Insufficiently Protected Credentials (CVE-2023-41677) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/09/2024 Created 12/17/2024 Added 12/16/2024 Modified 02/10/2025 Description A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17 allows attacker to execute unauthorized code or commands via targeted social engineering attack Solution(s) fortios-upgrade-6_2_16 fortios-upgrade-6_4_15 fortios-upgrade-7_0_13 fortios-upgrade-7_2_7 fortios-upgrade-7_4_2 References https://attackerkb.com/topics/cve-2023-41677 CVE - 2023-41677 https://fortiguard.com/psirt/FG-IR-23-493

Oracle Linux: CVE-2024-2905: ELSA-2024-3823:rpm-ostree security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 04/09/2024 Created 06/14/2024 Added 06/12/2024 Modified 12/05/2024 Description A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access. Solution(s) oracle-linux-upgrade-rpm-ostree oracle-linux-upgrade-rpm-ostree-libs References https://attackerkb.com/topics/cve-2024-2905 CVE - 2024-2905 ELSA-2024-3823

Adobe Illustrator: CVE-2024-30272: Security updates available for Adobe Illustrator (APSB24-25) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 04/09/2024 Created 04/17/2024 Added 04/17/2024 Modified 12/02/2024 Description Adobe has released an update for Adobe Illustrator. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and memory leak. Solution(s) adobe-illustrator-upgrade-latest References https://attackerkb.com/topics/cve-2024-30272 CVE - 2024-30272 https://helpx.adobe.com/security/products/illustrator/apsb24-25.html

SUSE: CVE-2024-3446: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/09/2024 Created 04/24/2024 Added 04/24/2024 Modified 10/31/2024 Description A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host. Solution(s) suse-upgrade-qemu suse-upgrade-qemu-accel-qtest suse-upgrade-qemu-accel-tcg-x86 suse-upgrade-qemu-arm suse-upgrade-qemu-audio-alsa suse-upgrade-qemu-audio-dbus suse-upgrade-qemu-audio-jack suse-upgrade-qemu-audio-pa suse-upgrade-qemu-audio-spice suse-upgrade-qemu-block-curl suse-upgrade-qemu-block-dmg suse-upgrade-qemu-block-gluster suse-upgrade-qemu-block-iscsi suse-upgrade-qemu-block-nfs suse-upgrade-qemu-block-rbd suse-upgrade-qemu-block-ssh suse-upgrade-qemu-chardev-baum suse-upgrade-qemu-chardev-spice suse-upgrade-qemu-extra suse-upgrade-qemu-guest-agent suse-upgrade-qemu-hw-display-qxl suse-upgrade-qemu-hw-display-virtio-gpu suse-upgrade-qemu-hw-display-virtio-gpu-pci suse-upgrade-qemu-hw-display-virtio-vga suse-upgrade-qemu-hw-s390x-virtio-gpu-ccw suse-upgrade-qemu-hw-usb-host suse-upgrade-qemu-hw-usb-redirect suse-upgrade-qemu-hw-usb-smartcard suse-upgrade-qemu-img suse-upgrade-qemu-ipxe suse-upgrade-qemu-ivshmem-tools suse-upgrade-qemu-ksm suse-upgrade-qemu-kvm suse-upgrade-qemu-lang suse-upgrade-qemu-microvm suse-upgrade-qemu-ppc suse-upgrade-qemu-pr-helper suse-upgrade-qemu-s390x suse-upgrade-qemu-seabios suse-upgrade-qemu-sgabios suse-upgrade-qemu-skiboot suse-upgrade-qemu-slof suse-upgrade-qemu-tools suse-upgrade-qemu-ui-curses suse-upgrade-qemu-ui-dbus suse-upgrade-qemu-ui-gtk suse-upgrade-qemu-ui-opengl suse-upgrade-qemu-ui-spice-app suse-upgrade-qemu-ui-spice-core suse-upgrade-qemu-vgabios suse-upgrade-qemu-vhost-user-gpu suse-upgrade-qemu-x86 References https://attackerkb.com/topics/cve-2024-3446 CVE - 2024-3446

Microsoft Windows: CVE-2024-26200: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/06/2024 Description Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5036925 microsoft-windows-windows_10-1607-kb5036899 microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2012-kb5036969 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 msft-kb5036922-1b6c2afa-24b1-40e8-bc07-9cb3aaf3e493 msft-kb5036950-1619240b-73e4-49a5-9412-39489e0e1cb4 msft-kb5036950-aeb7362d-f252-4046-a3e1-7ead5d01e242 References https://attackerkb.com/topics/cve-2024-26200 CVE - 2024-26200 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036925 https://support.microsoft.com/help/5036960 https://support.microsoft.com/help/5036969 View more

Microsoft Windows: CVE-2024-26230: Windows Telephony Server Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/06/2024 Description Windows Telephony Server Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5036925 microsoft-windows-windows_10-1607-kb5036899 microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2012-kb5036969 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 msft-kb5036922-1b6c2afa-24b1-40e8-bc07-9cb3aaf3e493 msft-kb5036950-1619240b-73e4-49a5-9412-39489e0e1cb4 msft-kb5036950-aeb7362d-f252-4046-a3e1-7ead5d01e242 References https://attackerkb.com/topics/cve-2024-26230 CVE - 2024-26230 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036925 https://support.microsoft.com/help/5036960 https://support.microsoft.com/help/5036969 View more

Microsoft CVE-2024-28909: Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 04/11/2024 Description Microsoft CVE-2024-28909: Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability Solution(s) msft-kb5035432-d97a1fcd-d0c8-40c3-9210-2d011a735734-x64 msft-kb5035434-2cd70150-9029-45c6-988e-1c461fbbf569-x64 msft-kb5036335-2e46842c-5d02-40bd-9d51-6b402081d64d-x64 msft-kb5036343-fc6968a8-4ca4-4135-b692-8ef1d5dc57dc-x64 References https://attackerkb.com/topics/cve-2024-28909 CVE - 2024-28909 5035432 5035434 5036335 5036343 5037572 5037573 View more

Microsoft Windows: CVE-2024-28907: Microsoft Brokering File System Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 08/13/2024 Description Microsoft Brokering File System Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-28907 CVE - 2024-28907 https://support.microsoft.com/help/5036910

Microsoft Windows: CVE-2024-28902: Windows Remote Access Connection Manager Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/05/2024 Description Windows Remote Access Connection Manager Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-28902 CVE - 2024-28902 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 https://support.microsoft.com/help/5037823 View more

Microsoft Windows: CVE-2024-28901: Windows Remote Access Connection Manager Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/05/2024 Description Windows Remote Access Connection Manager Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5036925 microsoft-windows-windows_10-1607-kb5036899 microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-28901 CVE - 2024-28901 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036925 https://support.microsoft.com/help/5036960 View more

Microsoft Windows: CVE-2024-28900: Windows Remote Access Connection Manager Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/05/2024 Description Windows Remote Access Connection Manager Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-28900 CVE - 2024-28900 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 https://support.microsoft.com/help/5037823 View more

Microsoft Windows: CVE-2024-28898: Secure Boot Security Feature Bypass Vulnerability Severity 6 CVSS (AV:A/AC:H/Au:M/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/06/2024 Description Secure Boot Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5036925 microsoft-windows-windows_10-1607-kb5036899 microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2012-kb5036969 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-28898 CVE - 2024-28898 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036925 https://support.microsoft.com/help/5036960 https://support.microsoft.com/help/5036969 View more

Microsoft Windows: CVE-2024-28897: Secure Boot Security Feature Bypass Vulnerability Severity 7 CVSS (AV:A/AC:L/Au:M/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/06/2024 Description Secure Boot Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5036925 microsoft-windows-windows_10-1607-kb5036899 microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2012-kb5036969 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-28897 CVE - 2024-28897 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036925 https://support.microsoft.com/help/5036960 https://support.microsoft.com/help/5036969 View more

Microsoft Windows: CVE-2024-28896: Secure Boot Security Feature Bypass Vulnerability Severity 8 CVSS (AV:A/AC:M/Au:N/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 09/06/2024 Description Secure Boot Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5036925 microsoft-windows-windows_10-1607-kb5036899 microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2012-kb5036969 microsoft-windows-windows_server_2012_r2-kb5036960 microsoft-windows-windows_server_2016-1607-kb5036899 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-28896 CVE - 2024-28896 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036899 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 https://support.microsoft.com/help/5036925 https://support.microsoft.com/help/5036960 https://support.microsoft.com/help/5036969 View more

Microsoft Windows: CVE-2024-26256: Libarchive Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 08/13/2024 Description libarchive Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-26256 CVE - 2024-26256 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036910

Microsoft Windows: CVE-2024-26254: Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 04/09/2024 Created 04/10/2024 Added 04/09/2024 Modified 08/13/2024 Description Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5036896 microsoft-windows-windows_10-21h2-kb5036892 microsoft-windows-windows_10-22h2-kb5036892 microsoft-windows-windows_11-21h2-kb5036894 microsoft-windows-windows_11-22h2-kb5036893 microsoft-windows-windows_11-23h2-kb5036893 microsoft-windows-windows_server_2019-1809-kb5036896 microsoft-windows-windows_server_2022-21h2-kb5036909 microsoft-windows-windows_server_2022-22h2-kb5036909 microsoft-windows-windows_server_2022-23h2-kb5036910 References https://attackerkb.com/topics/cve-2024-26254 CVE - 2024-26254 https://support.microsoft.com/help/5036892 https://support.microsoft.com/help/5036893 https://support.microsoft.com/help/5036894 https://support.microsoft.com/help/5036896 https://support.microsoft.com/help/5036909 https://support.microsoft.com/help/5036910 View more