Weekly Vulnerabilities Reports > April 8 to 14, 2024

Overview

204 new vulnerabilities were reported during this period, including 4 critical vulnerabilities and 126 high severity vulnerabilities. This weekly summary reports vulnerabilities in 24 products from 9 vendors including Microsoft, Linux, Redhat, Qemu, and Paloaltonetworks. The most common vulnerability categories are "Cross-site Scripting", "Stack-based Buffer Overflow", "Out-of-bounds Read", "Use After Free", and "Out-of-bounds Write".

  • 113 reported vulnerabilities are remotely exploitable.
  • 15 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 102 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 8 reported vulnerabilities.
  • Paloaltonetworks has the most reported critical vulnerabilities, with 1 reported vulnerability.

Vulnerability Details

The following table lists the vulnerabilities reported during the period covered by this report:

4 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-04-12 CVE-2024-3400 Paloaltonetworks Command Injection vulnerability in Paloaltonetworks Pan-Os

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

10.0
2024-04-09 CVE-2023-1083 An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates.
9.8
2024-04-10 CVE-2024-20758 Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user.
9.0
2024-04-09 CVE-2024-29990 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
9.0

126 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-04-09 CVE-2024-29982 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29984 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29985 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29988 Microsoft Unspecified vulnerability in Microsoft products

SmartScreen Prompt Security Feature Bypass Vulnerability

8.8
2024-04-09 CVE-2024-29993 Azure CycleCloud Elevation of Privilege Vulnerability
8.8
2024-04-09 CVE-2024-20678 Remote Procedure Call Runtime Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-21323 Microsoft Defender for IoT Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26179 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26200 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26205 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26210 Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-26214 Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28906 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28908 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28909 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28910 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28911 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28912 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28913 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28914 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28926 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28927 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28929 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28930 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28931 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28933 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28934 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28935 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28936 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28937 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28938 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28939 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28940 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28941 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28943 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28944 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-28945 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29044 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29046 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29047 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29048 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
8.8
2024-04-09 CVE-2024-29053 Microsoft Path Traversal vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Remote Code Execution Vulnerability

8.8
2024-04-09 CVE-2023-1082 A remote attacker with low privileges can perform a command injection which can lead to root access.
8.8
2024-04-09 CVE-2024-29989 Azure Monitor Agent Elevation of Privilege Vulnerability
8.4
2024-04-09 CVE-2024-29050 Windows Cryptographic Services Remote Code Execution Vulnerability
8.4
2024-04-12 CVE-2024-30407 The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native Router (JCNR) and containerized routing Protocol Daemon (cRPD) products allows an attacker to perform Person-in-the-Middle (PitM) attacks which results in complete compromise of the container.
8.1
2024-04-10 CVE-2024-20759 Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields.
8.1
2024-04-09 CVE-2024-20670 Outlook for Windows Spoofing Vulnerability
8.1
2024-04-09 CVE-2023-49133 A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216.
8.1
2024-04-09 CVE-2023-49134 A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216.
8.1
2024-04-09 CVE-2024-26180 Secure Boot Security Feature Bypass Vulnerability
8.0
2024-04-09 CVE-2024-26240 Secure Boot Security Feature Bypass Vulnerability
8.0
2024-04-09 CVE-2024-28925 Secure Boot Security Feature Bypass Vulnerability
8.0
2024-04-11 CVE-2024-30271 Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
7.8
2024-04-11 CVE-2024-30272 Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
7.8
2024-04-11 CVE-2024-20795 Animate versions 23.0.4, 24.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user.
7.8
2024-04-11 CVE-2024-20797 Animate versions 23.0.4, 24.0.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.
7.8
2024-04-10 CVE-2021-47194 Linux Improper Initialization vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type If the userspace tools switch from NL80211_IFTYPE_P2P_GO to NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it does not call the cleanup cfg80211_stop_ap(), this leads to the initialization of in-use data.

7.8
2024-04-10 CVE-2021-47198 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine An error is detected with the following report when unloading the driver: "KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b" The NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg_fab_ctrl_node(), but the flag is not cleared upon completion of the login. This allows a second call to lpfc_unreg_rpi() to proceed with nlp_rpi set to LPFC_RPI_ALLOW_ERROR.

7.8
2024-04-10 CVE-2024-20772 Media Encoder versions 24.2.1, 23.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
7.8
2024-04-09 CVE-2024-20693 Windows Kernel Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-21447 Windows Authentication Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26175 Secure Boot Security Feature Bypass Vulnerability
7.8
2024-04-09 CVE-2024-26218 Windows Kernel Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26228 Windows Cryptographic Services Security Feature Bypass Vulnerability
7.8
2024-04-09 CVE-2024-26229 Windows CSC Service Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26230 Windows Telephony Server Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26235 Windows Update Stack Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26237 Windows Defender Credential Guard Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26239 Windows Telephony Server Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26241 Win32k Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26245 Windows SMB Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-26256 libarchive Remote Code Execution Vulnerability
7.8
2024-04-09 CVE-2024-26257 Microsoft Excel Remote Code Execution Vulnerability
7.8
2024-04-09 CVE-2024-28904 Microsoft Brokering File System Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-28907 Microsoft Brokering File System Elevation of Privilege Vulnerability
7.8
2024-04-09 CVE-2024-28920 Secure Boot Security Feature Bypass Vulnerability
7.8
2024-04-09 CVE-2024-29052 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Storage Elevation of Privilege Vulnerability

7.8
2024-04-09 CVE-2024-29061 Microsoft Out-of-bounds Write vulnerability in Microsoft products

Secure Boot Security Feature Bypass Vulnerability

7.8
2024-04-12 CVE-2024-30382 An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial of Service (DoS). This issue can only be triggered when the system is configured for CoS-based forwarding (CBF) with a policy map containing a cos-next-hop-map action (see below). This issue affects: Junos OS: * all versions before 20.4R3-S10, * from 21.2 before 21.2R3-S8, * from 21.3 before 21.3R3, * from 21.4 before 21.4R3, * from 22.1 before 22.1R2; Junos OS Evolved: * all versions before 21.2R3-S8-EVO, * from 21.3 before 21.3R3-EVO, * from 21.4 before 21.4R3-EVO, * from 22.1 before 22.1R2-EVO.
7.5
2024-04-12 CVE-2024-30392 A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific URL request is received and processed, flowd will crash and restart.
7.5
2024-04-12 CVE-2024-30397 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). The pkid is responsible for the certificate verification.
7.5
2024-04-12 CVE-2024-30398 An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a high amount of specific traffic is received on a SRX4600 device, due to an error in internal packet handling, a consistent rise in CPU memory utilization occurs.
7.5
2024-04-12 CVE-2024-30394 A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when EVPN is configured, and a specific EVPN type-5 route is received via BGP, rpd crashes and restarts.
7.5
2024-04-12 CVE-2024-30395 An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon (RPD) of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). If a BGP update is received over an established BGP session which contains a tunnel encapsulation attribute with a specifically malformed TLV, rpd will crash and restart. This issue affects: Junos OS: * all versions before 21.2R3-S7,  * from 21.3 before 21.3R3-S5,  * from 21.4 before 21.4R3-S5,  * from 22.1 before 22.1R3-S5,  * from 22.2 before 22.2R3-S3,  * from 22.3 before 22.3R3-S2,  * from 22.4 before 22.4R3,  * from 23.2 before 23.2R1-S2, 23.2R2. Junos OS Evolved: * all versions before 21.2R3-S7-EVO,  * from 21.3-EVO before 21.3R3-S5-EVO,  * from 21.4-EVO before 21.4R3-S5-EVO,  * from 22.2-EVO before 22.2R3-S3-EVO,  * from 22.3-EVO before 22.3R3-S2-EVO,  * from 22.4-EVO before 22.4R3-EVO,  * from 23.2-EVO before 23.2R1-S2-EVO, 23.2R2-EVO. This is a related but separate issue than the one described in JSA75739
7.5
2024-04-12 CVE-2024-30405 An Incorrect Calculation of Buffer Size vulnerability in Juniper Networks Junos OS SRX 5000 Series devices using SPC2 line cards while ALGs are enabled allows an attacker sending specific crafted packets to cause a transit traffic Denial of Service (DoS). Continued receipt and processing of these specific packets will sustain the Denial of Service condition. This issue affects: Juniper Networks Junos OS SRX 5000 Series with SPC2 with ALGs enabled. * All versions earlier than 21.2R3-S7; * 21.4 versions earlier than 21.4R3-S6; * 22.1 versions earlier than 22.1R3-S5; * 22.2 versions earlier than 22.2R3-S3; * 22.3 versions earlier than 22.3R3-S2; * 22.4 versions earlier than 22.4R3; * 23.2 versions earlier than 23.2R2.
7.5
2024-04-09 CVE-2024-26212 DHCP Server Service Denial of Service Vulnerability
7.5
2024-04-09 CVE-2024-26215 DHCP Server Service Denial of Service Vulnerability
7.5
2024-04-09 CVE-2024-26219 HTTP.sys Denial of Service Vulnerability
7.5
2024-04-09 CVE-2024-26248 Windows Kerberos Elevation of Privilege Vulnerability
7.5
2024-04-09 CVE-2024-26254 Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability
7.5
2024-04-09 CVE-2024-28896 Secure Boot Security Feature Bypass Vulnerability
7.5
2024-04-09 CVE-2024-29045 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
7.5
2024-04-09 CVE-2024-26194 Secure Boot Security Feature Bypass Vulnerability
7.4
2024-04-09 CVE-2023-49074 A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.4
2024-04-09 CVE-2024-29063 Azure AI Search Information Disclosure Vulnerability
7.3
2024-04-09 CVE-2024-21409 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
7.3
2024-04-09 CVE-2024-26216 Windows File Server Resource Management Service Elevation of Privilege Vulnerability
7.3
2024-04-09 CVE-2024-26232 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
7.3
2024-04-09 CVE-2024-29066 Windows Distributed File System (DFS) Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-21322 Microsoft Defender for IoT Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-21324 Microsoft Defender for IoT Elevation of Privilege Vulnerability
7.2
2024-04-09 CVE-2024-26195 DHCP Server Service Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26202 DHCP Server Service Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26208 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26221 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26222 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26223 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26231 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-26233 Windows DNS Server Remote Code Execution Vulnerability
7.2
2024-04-09 CVE-2024-29054 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Elevation of Privilege Vulnerability

7.2
2024-04-09 CVE-2024-29055 Microsoft Unspecified vulnerability in Microsoft Defender for IOT

Microsoft Defender for IoT Elevation of Privilege Vulnerability

7.2
2024-04-09 CVE-2023-49906 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49907 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49908 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49909 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49910 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49911 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2023-49912 A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926.
7.2
2024-04-09 CVE-2024-20688 Secure Boot Security Feature Bypass Vulnerability
7.1
2024-04-09 CVE-2024-20689 Secure Boot Security Feature Bypass Vulnerability
7.1
2024-04-09 CVE-2024-29062 Microsoft Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft products

Secure Boot Security Feature Bypass Vulnerability

7.1
2024-04-09 CVE-2024-26213 Microsoft Brokering File System Elevation of Privilege Vulnerability
7.0
2024-04-09 CVE-2024-26236 Windows Update Stack Elevation of Privilege Vulnerability
7.0
2024-04-09 CVE-2024-26242 Windows Telephony Server Elevation of Privilege Vulnerability
7.0
2024-04-09 CVE-2024-26243 Windows USB Print Driver Elevation of Privilege Vulnerability
7.0

74 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-04-09 CVE-2024-26168 Secure Boot Security Feature Bypass Vulnerability
6.8
2024-04-09 CVE-2024-26251 Microsoft SharePoint Server Spoofing Vulnerability
6.8
2024-04-09 CVE-2024-26253 Windows rndismp6.sys Remote Code Execution Vulnerability
6.8
2024-04-09 CVE-2024-28897 Secure Boot Security Feature Bypass Vulnerability
6.8
2024-04-09 CVE-2024-20669 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-26171 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-26234 Proxy Driver Spoofing Vulnerability
6.7
2024-04-09 CVE-2024-26250 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-28903 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-28919 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-28921 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-09 CVE-2024-28924 Secure Boot Security Feature Bypass Vulnerability
6.7
2024-04-12 CVE-2024-30387 A Missing Synchronization vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). If an interface flaps while the system gathers statistics on that interface, two processes simultaneously access a shared resource which leads to a PFE crash and restart. This issue affects Junos OS: * All versions before 20.4R3-S9, * 21.2 versions before 21.2R3-S5,  * 21.3 versions before 21.3R3-S5,  * 21.4 versions before 21.4R3-S4, * 22.1 versions before 22.1R3-S2, * 22.2 versions before 22.2R3-S2, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2.
6.5
2024-04-12 CVE-2024-30388 An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss. This issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series: * 20.4 versions from 20.4R3-S4 before 20.4R3-S8, * 21.2 versions from 21.2R3-S2 before 21.2R3-S6, * 21.4 versions from 21.4R2 before 21.4R3-S4, * 22.1 versions from 22.1R2 before 22.1R3-S3, * 22.2 versions before 22.2R3-S1, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2-S1, 22.4R3.
6.5
2024-04-12 CVE-2024-30403 A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens.
6.5
2024-04-12 CVE-2024-21593 An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If an attacker sends a specific MPLS packet, which upon processing, causes an internal loop, that leads to a PFE crash and restart.
6.5
2024-04-12 CVE-2024-21605 An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). Specific valid link-local traffic is not blocked on ports in STP blocked state but is instead sent to the control plane of the device. This leads to excessive resource consumption and in turn severe impact on all control and management protocols of the device. This issue affects Juniper Networks Junos OS: * 21.2 version 21.2R3-S3 and later versions earlier than 21.2R3-S6; * 22.1 version 22.1R3 and later versions earlier than 22.1R3-S4; * 22.2 version 22.2R2 and later versions earlier than 22.2R3-S2; * 22.3 version 22.3R2 and later versions earlier than 22.3R3-S1; * 22.4 versions earlier than 22.4R2-S2, 22.4R3; * 23.2 versions earlier than 23.2R1-S1, 23.2R2. This issue does not affect Juniper Networks Junos OS 21.4R1 and later versions of 21.4.
6.5
2024-04-12 CVE-2024-21609 A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service (DoS). If specific values for the IPsec parameters local-ip, remote-ip, remote ike-id, and traffic selectors are sent from the peer, a memory leak occurs during every IPsec SA rekey which is carried out with a specific message sequence.
6.5
2024-04-12 CVE-2024-21618 An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when LLDP is enabled on a specific interface, and a malformed LLDP packet is received, l2cpd crashes and restarts.
6.5
2024-04-09 CVE-2024-21424 Azure Compute Gallery Elevation of Privilege Vulnerability
6.5
2024-04-09 CVE-2024-26183 Windows Kerberos Denial of Service Vulnerability
6.5
2024-04-09 CVE-2024-26226 Windows Distributed File System (DFS) Information Disclosure Vulnerability
6.5
2024-04-09 CVE-2024-3167 Oceanwp Cross-site Scripting vulnerability in Oceanwp Ocean Extra

The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘twitter_username’ parameter in versions up to, and including, 2.2.6 due to insufficient input sanitization and output escaping.

6.4
2024-04-09 CVE-2024-26193 Azure Migrate Remote Code Execution Vulnerability
6.4
2024-04-09 CVE-2024-28923 Secure Boot Security Feature Bypass Vulnerability
6.4
2024-04-09 CVE-2024-28898 Secure Boot Security Feature Bypass Vulnerability
6.3
2024-04-09 CVE-2024-28917 Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
6.2
2024-04-09 CVE-2024-20665 BitLocker Security Feature Bypass Vulnerability
6.1
2024-04-12 CVE-2024-30401 An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC. Through code review, it was determined that the interface definition code for aftman could read beyond a buffer boundary, leading to a stack-based buffer overflow. This issue affects Junos OS on MX Series and EX9200-15C: * from 21.2 before 21.2R3-S1, * from 21.4 before 21.4R3, * from 22.1 before 22.1R2, * from 22.2 before 22.2R2;  This issue does not affect: * versions of Junos OS prior to 20.3R1; * any version of Junos OS 20.4.
5.9
2024-04-12 CVE-2024-30402 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When telemetry requests are sent to the device, and the Dynamic Rendering Daemon (drend) is suspended, the l2ald crashes and restarts due to factors outside the attacker's control.
5.9
2024-04-12 CVE-2024-30389 An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic. This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6. This issue does not affect Junos OS releases earlier than 21.4R1.
5.8
2024-04-12 CVE-2024-30410 An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface.
5.8
2024-04-12 CVE-2024-30384 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service (DoS). If a specific CLI command is issued, a PFE crash will occur.
5.5
2024-04-11 CVE-2024-20794 Animate versions 23.0.4, 24.0.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service.
5.5
2024-04-11 CVE-2024-20796 Animate versions 23.0.4, 24.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-11 CVE-2024-20771 Bridge versions 13.0.6, 14.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-11 CVE-2024-20798 Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-10 CVE-2021-47193 Linux Memory Leak vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix memory leak during rmmod Driver failed to release all memory allocated.

5.5
2024-04-10 CVE-2021-47195 Linux Use After Free vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex.

5.5
2024-04-10 CVE-2024-3567 Qemu
Redhat
Reachable Assertion vulnerability in multiple products

A flaw was found in QEMU.

5.5
2024-04-10 CVE-2024-20770 Photoshop Desktop versions 24.7.2, 25.3.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-10 CVE-2024-20737 After Effects versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
5.5
2024-04-09 CVE-2024-29992 Azure Identity Library for .NET Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26172 Windows DWM Core Library Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26207 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26209 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26217 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-26255 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-28900 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-28901 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-09 CVE-2024-28902 Windows Remote Access Connection Manager Information Disclosure Vulnerability
5.5
2024-04-10 CVE-2024-20778 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-20779 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-20780 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26046 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26047 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26079 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26084 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26087 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26097 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26098 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-10 CVE-2024-26122 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-12 CVE-2024-30386 A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service (DoS). In an EVPN-VXLAN scenario, when state updates are received and processed by the affected system, the correct order of some processing steps is not ensured, which can lead to an l2ald crash and restart.
5.3
2024-04-12 CVE-2024-30390 An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service (DoS) to the management plane. When an incoming connection was blocked because it exceeded the connections-per-second rate-limit, the system doesn't consider existing connections anymore for subsequent connection attempts so that the connection limit can be exceeded. This issue affects Junos OS Evolved: * All versions before 21.4R3-S4-EVO, * 22.1-EVO versions before 22.1R3-S3-EVO, * 22.2-EVO versions before 22.2R3-S2-EVO, * 22.3-EVO versions before 22.3R2-S1-EVO, 22.3R3-EVO.
5.3
2024-04-12 CVE-2024-21590 An Improper Input Validation vulnerability in Juniper Tunnel Driver (jtd) and ICMP module of Juniper Networks Junos OS Evolved allows an unauthenticated attacker within the MPLS administrative domain to send specifically crafted packets to the Routing Engine (RE) to cause a Denial of Service (DoS). When specifically crafted transit MPLS IPv4 packets are received by the Packet Forwarding Engine (PFE), these packets are internally forwarded to the RE. Continued receipt of these packets may create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: * All versions before 21.2R3-S8-EVO; * from 21.4-EVO before 21.4R3-S6-EVO; * from 22.2-EVO before 22.2R3-S4-EVO; * from 22.3-EVO before 22.3R3-S3-EVO; * from 22.4-EVO before 22.4R3-EVO; * from 23.2-EVO before 23.2R2-EVO. * from 23.4-EVO before 23.4R1-S1-EVO.
5.3
2024-04-12 CVE-2024-30409 An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon (fibtd) to crash, leading to a limited Denial of Service. This issue affects Juniper Networks Junos OS: * from 22.1 before 22.1R1-S2, 22.1R2. Junos OS Evolved: * from 22.1 before 22.1R1-S2-EVO, 22.1R2-EVO.
5.3
2024-04-10 CVE-2024-31302 Codepeople Information Exposure vulnerability in Codepeople Contact Form Email

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email. This issue affects Contact Form Email: from n/a through 1.3.44.

5.3
2024-04-10 CVE-2024-31353 Tribulant Information Exposure Through Log Files vulnerability in Tribulant Slideshow Gallery

Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery. This issue affects Slideshow Gallery: from n/a through 1.7.8.

5.3
2024-04-09 CVE-2024-3097 Imagely Missing Authorization vulnerability in Imagely Nextgen Gallery

The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_item function in versions up to, and including, 3.59.

5.3
2024-04-12 CVE-2024-21615 An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system. On all Junos OS and Junos OS Evolved platforms, when NETCONF traceoptions are configured, and a super-user performs specific actions via NETCONF, then a low-privileged user can access sensitive information compromising the confidentiality of the system. This issue affects: Junos OS: * all versions before 21.2R3-S7, * from 21.4 before 21.4R3-S5, * from 22.1 before 22.1R3-S5, * from 22.2 before 22.2R3-S3, * from 22.3 before 22.3R3-S2, * from 22.4 before 22.4R3, * from 23.2 before 23.2R1-S2. Junos OS Evolved: * all versions before 21.2R3-S7-EVO, * from 21.3 before 21.3R3-S5-EVO, * from 21.4 before 21.4R3-S5-EVO, * from 22.1 before 22.1R3-S5-EVO, * from 22.2 before 22.2R3-S3-EVO, * from 22.3 before 22.3R3-S2-EVO, * from 22.4 before 22.4R3-EVO, * from 23.2 before 23.2R1-S2.
5.0
2024-04-09 CVE-2024-26220 Windows Mobile Hotspot Information Disclosure Vulnerability
5.0
2024-04-12 CVE-2024-21610 An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd) of Juniper Networks Junos OS on MX Series allows an authenticated, network-based attacker with low privileges to cause a limited Denial of Service (DoS). In a scaled subscriber scenario when specific low privileged commands, received over NETCONF, SSH or telnet, are handled by cosd on behalf of mgd, the respective child management daemon (mgd) processes will get stuck.
4.3
2024-04-09 CVE-2024-29056 Microsoft Use of a Broken or Risky Cryptographic Algorithm vulnerability in Microsoft products

Windows Authentication Elevation of Privilege Vulnerability

4.3
2024-04-09 CVE-2024-28922 Secure Boot Security Feature Bypass Vulnerability
4.1

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS