| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. |
| Microsoft Brokering File System Elevation of Privilege Vulnerability |
| Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
| Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability |
| Microsoft Access Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office Visio Remote Code Execution Vulnerability |
| Microsoft Brokering File System Elevation of Privilege Vulnerability |
| Microsoft DWM Core Library Elevation of Privilege Vulnerability |
| Windows OLE Remote Code Execution Vulnerability |
| Windows Remote Desktop Services Remote Code Execution Vulnerability |
| BranchCache Remote Code Execution Vulnerability |
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability |
| Microsoft COM for Windows Elevation of Privilege Vulnerability |
| A vulnerability ( CVE-2024-38229 https://www.cve.org/CVERecord ) exists in EOL ASP.NET when closing an HTTP/3 stream while application code is writing to the response body, a race condition may lead to use-after-free, resulting in Remote Code Execution.
Per CWE-416: Use After Free https://cwe.mitre.org/data/definitions/416.html , Use After Free is when a product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
This issue affects EOL ASP.NET 6.0.0 <= 6.0.36 as represented in this CVE, as well as 8.0.0 <= 8.0.8, 9.0.0-preview.1.24081.5 <= 9.0.0.RC.1 as represented in CVE-2024-38229 https://www.cve.org/CVERecord .
Additionally, if you've deployed self-contained applications https://docs.microsoft.com/dotnet/core/deploying/#self-contained-deployments-scd targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed.
NOTE: This CVE only represents End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry. |
| Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic Forward Proxy implementation, occurring when a completion callback for a DNS resolution triggers new DNS resolutions or removes existing pending resolutions. This condition may occur when the following conditions are met: dynamic Forwarding Filter is enabled, the `envoy.reloadable_features.dfp_cluster_resolves_hosts` runtime flag is enabled, and the Host header is modified between the Dynamic Forwarding Filter and Router filters. This issue is resolved in versions 1.34.5 and 1.35.1. To work around this issue, set the envoy.reloadable_features.dfp_cluster_resolves_hosts runtime flag to false. |
| In multiple locations, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In SendPacketToPeer of acl_arbiter.cc, there is a possible out of bounds read due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. |
