Weekly Vulnerabilities Reports > April 8 to 14, 2024

Overview

203 new vulnerabilities reported during this period, including 4 critical vulnerabilities and 126 high severity vulnerabilities. This weekly summary report vulnerabilities in 22 products from 7 vendors including Microsoft, Linux, Paloaltonetworks, Codepeople, and Tribulant. Vulnerabilities are notably categorized as "Cross-site Scripting", "Stack-based Buffer Overflow", "Out-of-bounds Read", "Use After Free", and "Out-of-bounds Write".

  • 113 reported vulnerabilities are remotely exploitables.
  • 16 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 102 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 8 reported vulnerabilities.
  • Paloaltonetworks has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

4 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-04-12 CVE-2024-3400 Paloaltonetworks Command Injection vulnerability in Paloaltonetworks Pan-Os

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

10.0
2024-04-09 CVE-2023-1083 An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates.
9.8
2024-04-10 CVE-2024-20758 Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user.
9.0
2024-04-09 CVE-2024-29990 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
9.0

126 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-04-09 CVE-2024-29982 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29984 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29985 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29988 Microsoft Unspecified vulnerability in Microsoft products

SmartScreen Prompt Security Feature Bypass Vulnerability

8.8
2024-04-09 CVE-2024-29993 Azure CycleCloud Elevation of Privilege Vulnerability
8.8
2024-04-09 CVE-2024-20678 Remote Procedure Call Runtime Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-21323 Microsoft Defender for IoT Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26179 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26200 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26205 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26210 Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26214 Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28906 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28908 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28909 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28910 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28911 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28912 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28913 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28914 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28926 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28927 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28929 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28930 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28931 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28933 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28934 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28935 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28936 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28937 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28938 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28939 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28940 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28941 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28943 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28944 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28945 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29044 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29046 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29047 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29048 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29053 Microsoft Path Traversal vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

8.8
2024-04-09 CVE-2023-1082 An remote attacker with low privileges can perform a command injection which can lead to root access.
8.8
2024-04-09 CVE-2024-29989 Azure Monitor Agent Elevation of Privilege Vulnerability
8.4
2024-04-09 CVE-2024-29050 Windows Cryptographic Services Remote Code Execution Vulnerability
8.4
2024-04-12 CVE-2024-30407 The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native Router (JCNR) and containerized routing Protocol Deamon (cRPD) products allows an attacker to perform Person-in-the-Middle (PitM) attacks which results in complete compromise of the container.
8.1
2024-04-10 CVE-2024-20759 Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields.
8.1
2024-04-09 CVE-2024-20670 Outlook for Windows Spoofing Vulnerability
8.1
2024-04-09 CVE-2023-49133 A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216.
8.1
2024-04-09 CVE-2023-49134 A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216.
8.1
2024-04-09 CVE-2024-26180 Secure Boot Security Feature Bypass Vulnerability
8.0
2024-04-09 CVE-2024-26240 Secure Boot Security Feature Bypass Vulnerability
8.0
2024-04-09 CVE-2024-28925 Secure Boot Security Feature Bypass Vulnerability
8.0
2024-04-11 CVE-2024-30271 Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
7.8
2024-04-11 CVE-2024-30272 Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
7.8
2024-04-11 CVE-2024-20795 Animate versions 23.0.4, 24.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user.
7.8
2024-04-11 CVE-2024-20797 Animate versions 23.0.4, 24.0.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.
7.8
2024-04-10 CVE-2021-47194 Linux Improper Initialization vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type If the userspace tools switch from NL80211_IFTYPE_P2P_GO to NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it does not call the cleanup cfg80211_stop_ap(), this leads to the initialization of in-use data.

7.8
2024-04-10 CVE-2021-47198 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine An error is detected with the following report when unloading the driver: "KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b" The NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg_fab_ctrl_node(), but the flag is not cleared upon completion of the login. This allows a second call to lpfc_unreg_rpi() to proceed with nlp_rpi set to LPFC_RPI_ALLOW_ERROR.

7.8
2024-04-10 CVE-2024-20772 Media Encoder versions 24.2.1, 23.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
7.8
2024-04-09 CVE-2024-20693 Windows Kernel Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-21447 Windows Authentication Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26175 Secure Boot Security Feature Bypass Vulnerability
7.8
2024-04-09 CVE-2024-26218 Windows Kernel Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26228 Windows Cryptographic Services Security Feature Bypass Vulnerability
7.8
2024-04-09 CVE-2024-26229 Windows CSC Service Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26230 Windows Telephony Server Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26235 Windows Update Stack Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26237 Windows Defender Credential Guard Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26239 Windows Telephony Server Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26241 Win32k Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26245 Windows SMB Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26256 libarchive Remote Code Execution Vulnerability
7.8
2024-04-09 CVE-2024-26257 Microsoft Excel Remote Code Execution Vulnerability
7.8
2024-04-09 CVE-2024-28904 Microsoft Brokering File System Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-28907 Microsoft Brokering File System Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-28920 Secure Boot Security Feature Bypass Vulnerability
7.8
2024-04-09 CVE-2024-29052 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Storage Elevation of Privilege Vulnerability

7.8
2024-04-09 CVE-2024-29061 Microsoft Out-of-bounds Write vulnerability in Microsoft products

Secure Boot Security Feature Bypass Vulnerability

7.8
2024-04-12 CVE-2024-30382 An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial of Service (DoS). This issue can only be triggered when the system is configured for CoS-based forwarding (CBF) with a policy map containing a cos-next-hop-map action (see below). This issue affects: Junos OS: * all versions before 20.4R3-S10, * from 21.2 before 21.2R3-S8, * from 21.3 before 21.3R3, * from 21.4 before 21.4R3, * from 22.1 before 22.1R2; Junos OS Evolved: * all versions before 21.2R3-S8-EVO, * from 21.3 before 21.3R3-EVO, * from 21.4 before 21.4R3-EVO, * from 22.1 before 22.1R2-EVO.
7.5
2024-04-12 CVE-2024-30392 A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific URL request is received and processed, flowd will crash and restart.
7.5
2024-04-12 CVE-2024-30397 An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). The pkid is responsible for the certificate verification.
7.5
2024-04-12 CVE-2024-30398 An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a high amount of specific traffic is received on a SRX4600 device, due to an error in internal packet handling, a consistent rise in CPU memory utilization occurs.
7.5
2024-04-12 CVE-2024-30394 A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when EVPN is configured, and a specific EVPN type-5 route is received via BGP, rpd crashes and restarts.
7.5
2024-04-12 CVE-2024-30395 An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon (RPD) of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). If a BGP update is received over an established BGP session which contains a tunnel encapsulation attribute with a specifically malformed TLV, rpd will crash and restart. This issue affects: Junos OS: * all versions before 21.2R3-S7,  * from 21.3 before 21.3R3-S5,  * from 21.4 before 21.4R3-S5,  * from 22.1 before 22.1R3-S5,  * from 22.2 before 22.2R3-S3,  * from 22.3 before 22.3R3-S2,  * from 22.4 before 22.4R3,  * from 23.2 before 23.2R1-S2, 23.2R2. Junos OS Evolved: * all versions before 21.2R3-S7-EVO,  * from 21.3-EVO before 21.3R3-S5-EVO,  * from 21.4-EVO before 21.4R3-S5-EVO,  * from 22.2-EVO before 22.2R3-S3-EVO,  * from 22.3-EVO before 22.3R3-S2-EVO,  * from 22.4-EVO before 22.4R3-EVO,  * from 23.2-EVO before 23.2R1-S2-EVO, 23.2R2-EVO. This is a related but separate issue than the one described in JSA75739
7.5
2024-04-12 CVE-2024-30405 An Incorrect Calculation of Buffer Size vulnerability in Juniper Networks Junos OS SRX 5000 Series devices using SPC2 line cards while ALGs are enabled allows an attacker sending specific crafted packets to cause a transit traffic Denial of Service (DoS). Continued receipt and processing of these specific packets will sustain the Denial of Service condition. This issue affects: Juniper Networks Junos OS SRX 5000 Series with SPC2 with ALGs enabled. * All versions earlier than 21.2R3-S7; * 21.4 versions earlier than 21.4R3-S6; * 22.1 versions earlier than 22.1R3-S5; * 22.2 versions earlier than 22.2R3-S3; * 22.3 versions earlier than 22.3R3-S2; * 22.4 versions earlier than 22.4R3; * 23.2 versions earlier than 23.2R2.
7.5
2024-04-09 CVE-2024-26212 DHCP Server Service Denial of Service Vulnerability
7.5
2024-04-09 CVE-2024-26215 DHCP Server Service Denial of Service Vulnerability
7.5
2024-04-09 CVE-2024-26219 HTTP.sys Denial of Service Vulnerability
7.5
2024-04-09 CVE-2024-26248 Windows Kerberos Elevation of Privilege Vulnerability
7.5
2024-04-09 CVE-2024-26254 Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability
7.5
2024-04-09 CVE-2024-28896 Secure Boot Security Feature Bypass Vulnerability
7.5
2024-04-09 CVE-2024-29045 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
7.5
2024-04-09 CVE-2024-26194 Secure Boot Security Feature Bypass Vulnerability
7.4
2024-04-09 CVE-2023-49074 A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.4
2024-04-09 CVE-2024-29063 Azure AI Search Information Disclosure Vulnerability
7.3
2024-04-09 CVE-2024-21409 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
7.3
2024-04-09 CVE-2024-26216 Windows File Server Resource Management Service Elevation of Privilege Vulnerability
7.3
2024-04-09 CVE-2024-26232 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
7.3
2024-04-09 CVE-2024-29066 Windows Distributed File System (DFS) Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-21322 Microsoft Defender for IoT Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-21324 Microsoft Defender for IoT Elevation of Privilege Vulnerability
7.2
2024-04-09 CVE-2024-26195 DHCP Server Service Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26202 DHCP Server Service Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26208 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26221 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26222 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26223 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26231 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26233 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-29054 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Elevation of Privilege Vulnerability

7.2
2024-04-09 CVE-2024-29055 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Elevation of Privilege Vulnerability

7.2
2024-04-09 CVE-2023-49906 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49907 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49908 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49909 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49910 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49911 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49912 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2024-20688 Secure Boot Security Feature Bypass Vulnerability
7.1
2024-04-09 CVE-2024-20689 Secure Boot Security Feature Bypass Vulnerability
7.1
2024-04-09 CVE-2024-29062 Microsoft Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft products

Secure Boot Security Feature Bypass Vulnerability

7.1
2024-04-09 CVE-2024-26213 Microsoft Brokering File System Elevation of Privilege Vulnerability
7.0
2024-04-09 CVE-2024-26236 Windows Update Stack Elevation of Privilege Vulnerability
7.0
2024-04-09 CVE-2024-26242 Windows Telephony Server Elevation of Privilege Vulnerability
7.0
2024-04-09 CVE-2024-26243 Windows USB Print Driver Elevation of Privilege Vulnerability
7.0

73 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-04-09 CVE-2024-26168 Secure Boot Security Feature Bypass Vulnerability
6.8
2024-04-09 CVE-2024-26251 Microsoft SharePoint Server Spoofing Vulnerability
6.8
2024-04-09 CVE-2024-26253 Windows rndismp6.sys Remote Code Execution Vulnerability
6.8
2024-04-09 CVE-2024-28897 Secure Boot Security Feature Bypass Vulnerability
6.8
2024-04-09 CVE-2024-20669 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-26171 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-26234 Proxy Driver Spoofing Vulnerability
6.7
2024-04-09 CVE-2024-26250 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-28903 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-28919 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-28921 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-28924 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-12 CVE-2024-30387 A Missing Synchronization vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). If an interface flaps while the system gathers statistics on that interface, two processes simultaneously access a shared resource which leads to a PFE crash and restart. This issue affects Junos OS: * All versions before 20.4R3-S9, * 21.2 versions before 21.2R3-S5,  * 21.3 versions before 21.3R3-S5,  * 21.4 versions before 21.4R3-S4, * 22.1 versions before 22.1R3-S2, * 22.2 versions before 22.2R3-S2, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2.
6.5
2024-04-12 CVE-2024-30388 An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss. This issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series: * 20.4 versions from 20.4R3-S4 before 20.4R3-S8, * 21.2 versions from 21.2R3-S2 before 21.2R3-S6, * 21.4 versions from 21.4R2 before 21.4R3-S4, * 22.1 versions from 22.1R2 before 22.1R3-S3, * 22.2 versions before 22.2R3-S1, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2-S1, 22.4R3.
6.5
2024-04-12 CVE-2024-30403 A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens.
6.5
2024-04-12 CVE-2024-21593 An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If an attacker sends a specific MPLS packet, which upon processing, causes an internal loop, that leads to a PFE crash and restart.
6.5
2024-04-12 CVE-2024-21605 An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). Specific valid link-local traffic is not blocked on ports in STP blocked state but is instead sent to the control plane of the device. This leads to excessive resource consumption and in turn severe impact on all control and management protocols of the device. This issue affects Juniper Networks Junos OS: * 21.2 version 21.2R3-S3 and later versions earlier than 21.2R3-S6; * 22.1 version 22.1R3 and later versions earlier than 22.1R3-S4; * 22.2 version 22.2R2 and later versions earlier than 22.2R3-S2; * 22.3 version 22.3R2 and later versions earlier than 22.3R3-S1; * 22.4 versions earlier than 22.4R2-S2, 22.4R3; * 23.2 versions earlier than 23.2R1-S1, 23.2R2. This issue does not affect Juniper Networks Junos OS 21.4R1 and later versions of 21.4.
6.5
2024-04-12 CVE-2024-21609 A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service (DoS). If specific values for the IPsec parameters local-ip, remote-ip, remote ike-id, and traffic selectors are sent from the peer, a memory leak occurs during every IPsec SA rekey which is carried out with a specific message sequence.
6.5
2024-04-12 CVE-2024-21618 An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when LLDP is enabled on a specific interface, and a malformed LLDP packet is received, l2cpd crashes and restarts.
6.5
2024-04-09 CVE-2024-21424 Azure Compute Gallery Elevation of Privilege Vulnerability
6.5
2024-04-09 CVE-2024-26183 Windows Kerberos Denial of Service Vulnerability
6.5
2024-04-09 CVE-2024-26226 Windows Distributed File System (DFS) Information Disclosure Vulnerability
6.5
2024-04-09 CVE-2024-3167 Oceanwp Cross-site Scripting vulnerability in Oceanwp Ocean Extra

The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘twitter_username’ parameter in versions up to, and including, 2.2.6 due to insufficient input sanitization and output escaping.

6.4
2024-04-09 CVE-2024-26193 Azure Migrate Remote Code Execution Vulnerability
6.4
2024-04-09 CVE-2024-28923 Secure Boot Security Feature Bypass Vulnerability
6.4
2024-04-09 CVE-2024-28898 Secure Boot Security Feature Bypass Vulnerability
6.3
2024-04-09 CVE-2024-28917 Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
6.2
2024-04-09 CVE-2024-20665 BitLocker Security Feature Bypass Vulnerability
6.1
2024-04-12 CVE-2024-30401 An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC. Through code review, it was determined that the interface definition code for aftman could read beyond a buffer boundary, leading to a stack-based buffer overflow. This issue affects Junos OS on MX Series and EX9200-15C: * from 21.2 before 21.2R3-S1, * from 21.4 before 21.4R3, * from 22.1 before 22.1R2, * from 22.2 before 22.2R2;  This issue does not affect: * versions of Junos OS prior to 20.3R1; * any version of Junos OS 20.4.
5.9
2024-04-12 CVE-2024-30402 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When telemetry requests are sent to the device, and the Dynamic Rendering Daemon (drend) is suspended, the l2ald crashes and restarts due to factors outside the attackers control.
5.9
2024-04-12 CVE-2024-30389 An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic. This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6. This issue does not affect Junos OS releases earlier than 21.4R1.
5.8
2024-04-12 CVE-2024-30410 An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface.
5.8
2024-04-12 CVE-2024-30384 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service (Dos). If a specific CLI command is issued, a PFE crash will occur.
5.5
2024-04-11 CVE-2024-20794 Animate versions 23.0.4, 24.0.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service.
5.5
2024-04-11 CVE-2024-20796 Animate versions 23.0.4, 24.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-11 CVE-2024-20771 Bridge versions 13.0.6, 14.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-11 CVE-2024-20798 Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-10 CVE-2021-47193 Linux Memory Leak vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix memory leak during rmmod Driver failed to release all memory allocated.

5.5
2024-04-10 CVE-2021-47195 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex.

5.5
2024-04-10 CVE-2024-20770 Photoshop Desktop versions 24.7.2, 25.3.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-10 CVE-2024-20737 After Effects versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-09 CVE-2024-29992 Azure Identity Library for .NET Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26172 Windows DWM Core Library Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26207 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26209 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26217 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26255 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-28900 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-28901 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-28902 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-10 CVE-2024-20778 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-20779 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-20780 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26046 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26047 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26079 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26084 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26087 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26097 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26098 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26122 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-12 CVE-2024-30386 A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service (DoS). In an EVPN-VXLAN scenario, when state updates are received and processed by the affected system, the correct order of some processing steps is not ensured, which can lead to an l2ald crash and restart.
5.3
2024-04-12 CVE-2024-30390 An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service (DoS) to the management plane. When an incoming connection was blocked because it exceeded the connections-per-second rate-limit, the system doesn't consider existing connections anymore for subsequent connection attempts so that the connection limit can be exceeded. This issue affects Junos OS Evolved: * All versions before 21.4R3-S4-EVO, * 22.1-EVO versions before 22.1R3-S3-EVO, * 22.2-EVO versions before 22.2R3-S2-EVO,  * 22.3-EVO versions before 22.3R2-S1-EVO, 22.3R3-EVO.
5.3
2024-04-12 CVE-2024-21590 An Improper Input Validation vulnerability in Juniper Tunnel Driver (jtd) and ICMP module of Juniper Networks Junos OS Evolved allows an unauthenticated attacker within the MPLS administrative domain to send specifically crafted packets to the Routing Engine (RE) to cause a Denial of Service (DoS).  When specifically crafted transit MPLS IPv4 packets are received by the Packet Forwarding Engine (PFE), these packets are internally forwarded to the RE. Continued receipt of these packets may create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: * All versions before 21.2R3-S8-EVO; * from 21.4-EVO before 21.4R3-S6-EVO; * from 22.2-EVO before 22.2R3-S4-EVO; * from 22.3-EVO before 22.3R3-S3-EVO; * from 22.4-EVO before 22.4R3-EVO; * from 23.2-EVO before 23.2R2-EVO. * from 23.4-EVO before 23.4R1-S1-EVO.
5.3
2024-04-12 CVE-2024-30409 An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon (fibtd) to crash, leading to a limited Denial of Service.  This issue affects Juniper Networks Junos OS: * from 22.1 before 22.1R1-S2, 22.1R2. Junos OS Evolved:  * from 22.1 before 22.1R1-S2-EVO, 22.1R2-EVO.
5.3
2024-04-10 CVE-2024-31302 Codepeople Information Exposure vulnerability in Codepeople Contact Form Email

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email.This issue affects Contact Form Email: from n/a through 1.3.44.

5.3
2024-04-10 CVE-2024-31353 Tribulant Information Exposure Through Log Files vulnerability in Tribulant Slideshow Gallery

Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8.

5.3
2024-04-09 CVE-2024-3097 Imagely Missing Authorization vulnerability in Imagely Nextgen Gallery

The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_item function in versions up to, and including, 3.59.

5.3
2024-04-12 CVE-2024-21615 An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system. On all Junos OS and Junos OS Evolved platforms, when NETCONF traceoptions are configured, and a super-user performs specific actions via NETCONF, then a low-privileged user can access sensitive information compromising the confidentiality of the system. This issue affects: Junos OS: * all versions before 21.2R3-S7,  * from 21.4 before 21.4R3-S5,  * from 22.1 before 22.1R3-S5,  * from 22.2 before 22.2R3-S3,  * from 22.3 before 22.3R3-S2,  * from 22.4 before 22.4R3,  * from 23.2 before 23.2R1-S2. Junos OS Evolved:  * all versions before 21.2R3-S7-EVO,  * from 21.3 before 21.3R3-S5-EVO,  * from 21.4 before 21.4R3-S5-EVO,  * from 22.1 before 22.1R3-S5-EVO,  * from 22.2 before 22.2R3-S3-EVO,  * from 22.3 before 22.3R3-S2-EVO, * from 22.4 before 22.4R3-EVO,  * from 23.2 before 23.2R1-S2.
5.0
2024-04-09 CVE-2024-26220 Windows Mobile Hotspot Information Disclosure Vulnerability
5.0
2024-04-12 CVE-2024-21610 An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd) of Juniper Networks Junos OS on MX Series allows an authenticated, network-based attacker with low privileges to cause a limited Denial of Service (DoS). In a scaled subscriber scenario when specific low privileged commands, received over NETCONF, SSH or telnet, are handled by cosd on behalf of mgd, the respective child management daemon (mgd) processes will get stuck.
4.3
2024-04-09 CVE-2024-29056 Microsoft Use of a Broken or Risky Cryptographic Algorithm vulnerability in Microsoft products

Windows Authentication Elevation of Privilege Vulnerability

4.3
2024-04-09 CVE-2024-28922 Secure Boot Security Feature Bypass Vulnerability
4.1

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS