VDB
GCVE-110-NCSC-2024-334
GCVE-110-NCSC-2024-334
Advisory PublishedCVSS 8.6/10
Microsoft heeft kwetsbaarheden verholpen in Windows.
Weaknesses (CWE)
CWE-197Numeric Truncation ErrorCWE-787Out-of-bounds WriteCWE-122Heap-based Buffer OverflowCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-125Out-of-bounds ReadCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-416Use After FreeCWE-20Improper Input ValidationCWE-345Insufficient Verification of Data AuthenticityCWE-693Protection Mechanism FailureCWE-284Improper Access ControlCWE-191Integer Underflow (Wrap or Wraparound)CWE-591Sensitive Data Storage in Improperly Locked MemoryCWE-208Observable Timing DiscrepancyCWE-908Use of Uninitialized ResourceCWE-476NULL Pointer DereferenceCWE-138Improper Neutralization of Special ElementsCWE-306Missing Authentication for Critical FunctionCWE-190Integer Overflow or WraparoundCWE-367Time-of-check Time-of-use (TOCTOU) Race ConditionCWE-822Untrusted Pointer DereferenceCWE-126Buffer Over-readCWE-73External Control of File Name or Path
Risk Scores
CVSS 3.1
8.6/10
High · CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| microsoft | windows_server_2008_r2_service_pack_1__server_core_installation_ | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | — | — |
| microsoft | windows_10_version_1507 | — | — |
| microsoft | windows_server_2022__23h2_edition__server_core_installation_ | — | — |
| microsoft | windows_server_2008__service_pack_2 | — | — |
| microsoft | windows_server_2016__server_core_installation_ | — | — |
| microsoft | windows_10_version_21h2 | — | — |
| microsoft | windows_11_version_23h2 | — | — |
| microsoft | windows | — | — |
| microsoft | windows_server_2008_service_pack_2 | — | — |
| microsoft | windows_server_2022 | — | — |
| microsoft | windows_11_version_22h2 | — | — |
| microsoft | remote_desktop_client_for_windows_desktop | — | — |
| microsoft | windows_11 | — | — |
| microsoft | windows_server_2019 | — | — |
| microsoft | windows_server_2019__server_core_installation_ | — | — |
| microsoft | windows_server_2022_23h2 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_11_version_21h2 | — | — |
| microsoft | windows_server_2012_r2__server_core_installation_ | — | — |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2012_r2 | — | — |
| microsoft | windows_10_version_1809 | — | — |
| microsoft | windows_server_2008_service_pack_2__server_core_installation_ | — | — |
| microsoft | windows_10_version_22h2 | — | — |
| microsoft | windows_11_version_22h3 | — | — |
| microsoft | windows_server_2012__server_core_installation_ | — | — |
| microsoft | windows_11_version_24h2 | — | — |
| microsoft | windows_10_version_1607 | — | — |
Aliases
CVE-2022-2601CVE-2022-3775CVE-2023-40547CVE-2024-21302CVE-2024-29995CVE-2024-37968CVE-2024-38063CVE-2024-38106CVE-2024-38107CVE-2024-38114CVE-2024-38115CVE-2024-38116CVE-2024-38117CVE-2024-38118CVE-2024-38120CVE-2024-38121CVE-2024-38122CVE-2024-38123CVE-2024-38125CVE-2024-38126CVE-2024-38127CVE-2024-38128CVE-2024-38130CVE-2024-38131CVE-2024-38132CVE-2024-38133CVE-2024-38134CVE-2024-38135CVE-2024-38136CVE-2024-38137CVE-2024-38138CVE-2024-38140CVE-2024-38141CVE-2024-38142CVE-2024-38143CVE-2024-38144CVE-2024-38145CVE-2024-38146CVE-2024-38147CVE-2024-38148CVE-2024-38150CVE-2024-38151CVE-2024-38152CVE-2024-38153CVE-2024-38154CVE-2024-38155CVE-2024-38159CVE-2024-38160CVE-2024-38161CVE-2024-38165CVE-2024-38178CVE-2024-38180CVE-2024-38184CVE-2024-38185CVE-2024-38186CVE-2024-38187CVE-2024-38191CVE-2024-38193CVE-2024-38196CVE-2024-38198CVE-2024-38199CVE-2024-38202CVE-2024-38213CVE-2024-38214CVE-2024-38215CVE-2024-38223
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.