VDB

GCVE-110-NCSC-2024-248

GCVE-110-NCSC-2024-248
Advisory PublishedCVSS 7.0/10
Vulnetix · Advisory published June 11, 2024
Untrusted Pointer Dereference

Weaknesses (CWE)

CWE-367Time-of-check Time-of-use (TOCTOU) Race ConditionCWE-400Uncontrolled Resource ConsumptionCWE-416Use After FreeCWE-641Improper Restriction of Names for Files and Other ResourcesCWE-190Integer Overflow or WraparoundCWE-59Improper Link Resolution Before File Access ('Link Following')CWE-122Heap-based Buffer OverflowCWE-125Out-of-bounds ReadCWE-126Buffer Over-readCWE-191Integer Underflow (Wrap or Wraparound)CWE-20Improper Input ValidationCWE-121Stack-based Buffer OverflowCWE-822Untrusted Pointer DereferenceCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-415Double Free

Risk Scores

CVSS 3.1
7.0/10
High · CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

VendorProductVersionsPlatforms
microsoftwindows_server_2008_r2_service_pack_1__server_core_installation_
microsoftwindows_server_2008_r2_service_pack_1
microsoftwindows_10_version_1507
microsoftwindows_server_2022__23h2_edition__server_core_installation_
microsoftwindows_server_2008__service_pack_2
microsoftwindows_server_2016__server_core_installation_
microsoftwindows_10_version_21h2
microsoftwindows_11_version_23h2
microsoftwindows_server_2008_service_pack_2
microsoftwindows_11_version_22h2
microsoftwindows_server_2019
microsoftwindows_server_2019__server_core_installation_
microsoftwindows_server_2012
microsoftwindows_11_version_21h2
microsoftwindows_server_2012_r2__server_core_installation_
microsoftwindows_server_2016
microsoftwindows_server_2012_r2
microsoftwindows_10_version_1809
microsoftwindows_server_2008_service_pack_2__server_core_installation_
microsoftwindows_10_version_22h2
microsoftwindows_11_version_22h3
microsoftwindows_server_2012__server_core_installation_
microsoftwindows_10_version_1607

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

72,096 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›