The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2024-20655 | Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20656 | Visual Studio Elevation of Privilege Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20657 | Windows Group Policy Elevation of Privilege Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20658 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20660 | Microsoft Message Queuing Information Disclosure Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20661 | Microsoft Message Queuing Denial of Service Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20662 | Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20663 | Windows Message Queuing Client (MSMQC) Information Disclosure | -- | Jan 9, 2024 |
| CVE-2024-20664 | Microsoft Message Queuing Information Disclosure Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20665 | BitLocker Security Feature Bypass Vulnerability | -- | Apr 9, 2024 |
| CVE-2024-20666 | BitLocker Security Feature Bypass Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20667 | Azure DevOps Server Remote Code Execution Vulnerability | -- | Feb 13, 2024 |
| CVE-2024-20669 | Secure Boot Security Feature Bypass Vulnerability | -- | Apr 9, 2024 |
| CVE-2024-20670 | Outlook for Windows Spoofing Vulnerability | -- | Apr 9, 2024 |
| CVE-2024-20671 | Microsoft Defender Security Feature Bypass Vulnerability | -- | Mar 12, 2024 |
| CVE-2024-20672 | .NET Denial of Service Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20673 | Microsoft Office Remote Code Execution Vulnerability | -- | Feb 13, 2024 |
| CVE-2024-20674 | Windows Kerberos Security Feature Bypass Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20675 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | -- | Jan 11, 2024 |
| CVE-2024-20676 | Azure Storage Mover Remote Code Execution Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20677 | A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. As of February 13, 2024, the ability to insert FBX files has also been disabled in 3D Viewer. 3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time. This change is effective as of the January 9, 2024 security update. | -- | Jan 9, 2024 |
| CVE-2024-20678 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | -- | Apr 9, 2024 |
| CVE-2024-20679 | Azure Stack Hub Spoofing Vulnerability | -- | Feb 13, 2024 |
| CVE-2024-20680 | Windows Message Queuing Client (MSMQC) Information Disclosure | -- | Jan 9, 2024 |
| CVE-2024-20681 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20682 | Windows Cryptographic Services Remote Code Execution Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20683 | Win32k Elevation of Privilege Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20684 | Windows Hyper-V Denial of Service Vulnerability | -- | Feb 13, 2024 |
| CVE-2024-20685 | Azure Private 5G Core Denial of Service Vulnerability | -- | Apr 9, 2024 |
| CVE-2024-20686 | Win32k Elevation of Privilege Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20687 | Microsoft AllJoyn API Denial of Service Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20688 | Secure Boot Security Feature Bypass Vulnerability | -- | Apr 9, 2024 |
| CVE-2024-20689 | Secure Boot Security Feature Bypass Vulnerability | -- | Apr 9, 2024 |
| CVE-2024-20690 | Windows Nearby Sharing Spoofing Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20691 | Windows Themes Information Disclosure Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20692 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20693 | Windows Kernel Elevation of Privilege Vulnerability | -- | Apr 9, 2024 |
| CVE-2024-20694 | Windows CoreMessaging Information Disclosure Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20695 | Skype for Business Information Disclosure Vulnerability | -- | Feb 13, 2024 |
| CVE-2024-20696 | Windows Libarchive Remote Code Execution Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20697 | Windows Libarchive Remote Code Execution Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20698 | Windows Kernel Elevation of Privilege Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20699 | Windows Hyper-V Denial of Service Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20700 | Windows Hyper-V Remote Code Execution Vulnerability | -- | Jan 9, 2024 |
| CVE-2024-20709 | Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | -- | Jan 16, 2024 |
| CVE-2024-20710 | Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | -- | Jan 10, 2024 |
| CVE-2024-20711 | Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | -- | Jan 10, 2024 |
| CVE-2024-20712 | Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | -- | Jan 10, 2024 |
| CVE-2024-20713 | Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | -- | Jan 10, 2024 |
| CVE-2024-20714 | Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | -- | Jan 10, 2024 |
