Security Vulnerabilities - CVEs Published In June 2024
Winlogon Elevation of Privilege Vulnerability
CVSS Score
5.5
EPSS Score
0.003
Published
2024-06-11
Winlogon Elevation of Privilege Vulnerability
CVSS Score
5.5
EPSS Score
0.008
Published
2024-06-11
Visual Studio Elevation of Privilege Vulnerability
CVSS Score
6.7
EPSS Score
0.003
Published
2024-06-11
Visual Studio Remote Code Execution Vulnerability
CVSS Score
4.7
EPSS Score
0.016
Published
2024-06-11
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.01
Published
2024-06-11
TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing attackers to construct malicious HTTP or MQTT requests to cause a denial-of-service attack.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-06-11
A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request.
CVSS Score
3.3
EPSS Score
0.001
Published
2024-06-11
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response.
CVSS Score
5.9
EPSS Score
0.002
Published
2024-06-11
Missing Authorization vulnerability in MoreConvert MC Woocommerce Wishlist.This issue affects MC Woocommerce Wishlist: from n/a through 1.7.2.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-06-11
Missing Authorization vulnerability in Contact List PRO Contact List – Easy Business Directory, Staff Directory and Address Book Plugin.This issue affects Contact List – Easy Business Directory, Staff Directory and Address Book Plugin: from n/a through 2.9.87.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-06-11