Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-10 CVE-2024-8441 Uncontrolled Search Path Element vulnerability in Ivanti Endpoint Manager
An uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update allows a local authenticated attacker with admin privileges to escalate their privileges to SYSTEM.
local
low complexity
ivanti CWE-427
6.7
6.7
2024-09-10 CVE-2024-37337 Unspecified vulnerability in Microsoft products
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
network
low complexity
microsoft
4.3
4.3
2024-09-10 CVE-2024-37342 Unspecified vulnerability in Microsoft products
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
network
low complexity
microsoft
4.3
4.3
2024-09-10 CVE-2024-38217 Unspecified vulnerability in Microsoft products
Windows Mark of the Web Security Feature Bypass Vulnerability
network
low complexity
microsoft
5.4
5.4
2024-09-10 CVE-2024-38234 Unspecified vulnerability in Microsoft products
Windows Networking Denial of Service Vulnerability
low complexity
microsoft
6.5
6.5
2024-09-10 CVE-2024-38235 Unspecified vulnerability in Microsoft products
Windows Hyper-V Denial of Service Vulnerability
local
low complexity
microsoft
6.5
6.5
2024-09-10 CVE-2024-38254 Unspecified vulnerability in Microsoft products
Windows Authentication Information Disclosure Vulnerability
local
low complexity
microsoft
6.2
6.2
2024-09-10 CVE-2024-38256 Unspecified vulnerability in Microsoft products
Windows Kernel-Mode Driver Information Disclosure Vulnerability
local
low complexity
microsoft
5.5
5.5
2024-09-10 CVE-2024-43476 Cross-site Scripting vulnerability in Microsoft Dynamics 365
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
network
low complexity
microsoft CWE-79
5.4
5.4
2024-09-10 CVE-2024-43482 Unspecified vulnerability in Microsoft Outlook
Microsoft Outlook for iOS Information Disclosure Vulnerability
network
low complexity
microsoft
6.5
6.5