Microsoft Windows UI Immersive Server API Privilege Escalation

A vulnerability was found in Microsoft Windows (Operating System) and classified as critical. Affected by this issue is an unknown code block of the component UI Immersive Server API. Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-4267 : PARISNEO LOLLMS-WEBUI UP TO 9.5 OPEN_FILE COMMAND INJECTION

CVE-2024-4267 : PARISNEO LOLLMS-WEBUI UP TO 9.5 OPEN_FILE COMMAND INJECTION

Description A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically within the ‘open_file’ module, version 9.5. The vulnerability

CVE-2024-29849 : VEERAM BACKUP & REPLICATION PRIOR 11.0.1.1261 P20240304/12.1.2.172 ENTERPRISE MANAGER WEB INTERFACE IMPROPER AUTHENTICATION

CVE-2024-29849 : VEERAM BACKUP & REPLICATION PRIOR 11.0.1.1261 P20240304/12.1.2.172 ENTERPRISE MANAGER WEB INTERFACE IMPROPER AUTHENTICATION

Description Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface. References

CVE-2024-36011 : LINUX KERNEL UP TO 6.6.30/6.8.9 BLUETOOTH HCI_LE_BIG_SYNC_ESTABLISHED_EVT NULL POINTER DEREFERENCE

CVE-2024-36011 : LINUX KERNEL UP TO 6.6.30/6.8.9 BLUETOOTH HCI_LE_BIG_SYNC_ESTABLISHED_EVT NULL POINTER DEREFERENCE

Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in