Microsoft Patch Tuesday June 2024
Microsoft has released vulnerabilities for multiple products
Date :Jun14,2024
| Description | |||||
| CVE | Disclosed | Exploited | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability | |||||
| CVE-2024-35255 | No | No | Important | 5.5 | 4.8 |
| Azure Monitor Agent Elevation of Privilege Vulnerability | |||||
| CVE-2024-35254 | No | No | Important | 7.1 | 6.2 |
| Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability | |||||
| CVE-2024-37325 | No | No | Important | 8.1 | 7.3 |
| Azure Storage Movement Client Library Denial of Service Vulnerability | |||||
| CVE-2024-35252 | No | No | Important | 7.5 | 6.5 |
| Chromium: CVE-2024-5493 Heap buffer overflow in WebRTC | |||||
| CVE-2024-5493 | No | No | - | ||
| Chromium: CVE-2024-5494 Use after free in Dawn | |||||
| CVE-2024-5494 | No | No | - | ||
| Chromium: CVE-2024-5495 Use after free in Dawn | |||||
| CVE-2024-5495 | No | No | - | ||
| Chromium: CVE-2024-5496 Use after free in Media Session | |||||
| CVE-2024-5496 | No | No | - | ||
| Chromium: CVE-2024-5497 Out of bounds memory access in Keyboard Inputs | |||||
| CVE-2024-5497 | No | No | - | ||
| Chromium: CVE-2024-5498 Use after free in Presentation API | |||||
| CVE-2024-5498 | No | No | - | ||
| Chromium: CVE-2024-5499 Out of bounds write in Streams API | |||||
| CVE-2024-5499 | No | No | - | ||
| DHCP Server Service Denial of Service Vulnerability | |||||
| CVE-2024-30070 | No | No | Important | 7.5 | 6.7 |
| GitHub: CVE-2024-29187 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM | |||||
| CVE-2024-29187 | No | No | Important | 7.3 | 6.4 |
| MITRE: CVE-2023-50868 NSEC3 closest encloser proof can exhaust CPU | |||||
| CVE-2023-50868 | Yes | No | Important | 7.5 | 6.5 |
| Microsoft Azure File Sync Elevation of Privilege Vulnerability | |||||
| CVE-2024-35253 | No | No | Important | 4.4 | 4.2 |
| Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | |||||
| CVE-2024-35263 | No | No | Important | 5.7 | 5 |
| Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | |||||
| CVE-2024-35248 | No | No | Important | 7.3 | 6.4 |
| Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability | |||||
| CVE-2024-35249 | No | No | Important | 8.8 | 7.7 |
| Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | |||||
| CVE-2024-30072 | No | No | Important | 7.8 | 6.8 |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2024-30080 | No | No | Critical | 9.8 | 8.5 |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2024-30101 | No | No | Important | 7.5 | 6.5 |
| CVE-2024-30102 | No | No | Important | 7.3 | 6.4 |
| CVE-2024-30104 | No | No | Important | 7.8 | 6.8 |
| Microsoft Outlook Remote Code Execution Vulnerability | |||||
| CVE-2024-30103 | No | No | Important | 8.8 | 7.7 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2024-30100 | No | No | Important | 7.8 | 6.8 |
| Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | |||||
| CVE-2024-30097 | No | No | Important | 8.8 | 7.7 |
| Microsoft Streaming Service Elevation of Privilege Vulnerability | |||||
| CVE-2024-30089 | No | No | Important | 7.8 | 6.8 |
| CVE-2024-30090 | No | No | Important | 7 | 6.1 |
| Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2024-29060 | No | No | Important | 6.7 | 5.8 |
| Visual Studio Remote Code Execution Vulnerability | |||||
| CVE-2024-30052 | No | No | Important | 4.7 | 4.1 |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2024-30082 | No | No | Important | 7.8 | 6.8 |
| CVE-2024-30087 | No | No | Important | 7.8 | 6.8 |
| CVE-2024-30091 | No | No | Important | 7.8 | 7 |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-30085 | No | No | Important | 7.8 | 7 |
| Windows Container Manager Service Elevation of Privilege Vulnerability | |||||
| CVE-2024-30076 | No | No | Important | 6.8 | 5.9 |
| Windows Cryptographic Services Information Disclosure Vulnerability | |||||
| CVE-2024-30096 | No | No | Important | 5.5 | 4.8 |
| Windows Distributed File System (DFS) Remote Code Execution Vulnerability | |||||
| CVE-2024-30063 | No | No | Important | 6.7 | 5.8 |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2024-30064 | No | No | Important | 8.8 | 7.7 |
| CVE-2024-30068 | No | No | Important | 8.8 | 7.7 |
| CVE-2024-30088 | No | No | Important | 7 | 6.3 |
| CVE-2024-30099 | No | No | Important | 7 | 6.3 |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-35250 | No | No | Important | 7.8 | 6.8 |
| CVE-2024-30084 | No | No | Important | 7 | 6.1 |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | |||||
| CVE-2024-30074 | No | No | Important | 8 | 7.2 |
| CVE-2024-30075 | No | No | Important | 8 | 7 |
| Windows OLE Remote Code Execution Vulnerability | |||||
| CVE-2024-30077 | No | No | Important | 8 | 7 |
| Windows Perception Service Elevation of Privilege Vulnerability | |||||
| CVE-2024-35265 | No | No | Important | 7 | 6.1 |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
| CVE-2024-30069 | No | No | Important | 4.7 | 4.1 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | |||||
| CVE-2024-30094 | No | No | Important | 7.8 | 6.8 |
| CVE-2024-30095 | No | No | Important | 7.8 | 6.8 |
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability | |||||
| CVE-2024-30083 | No | No | Important | 7.5 | 6.5 |
| Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability | |||||
| CVE-2024-30062 | No | No | Important | 7.8 | 7 |
| Windows Storage Elevation of Privilege Vulnerability | |||||
| CVE-2024-30093 | No | No | Important | 7.3 | 6.4 |
| Windows Themes Denial of Service Vulnerability | |||||
| CVE-2024-30065 | No | No | Important | 5.5 | 4.8 |
| Windows Wi-Fi Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-30078 | No | No | Important | 8.8 | 7.7 |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | |||||
| CVE-2024-30086 | No | No | Important | 7.8 | 6.8 |
| Winlogon Elevation of Privilege Vulnerability | |||||
| CVE-2024-30066 | No | No | Important | 5.5 | 4.8 |
| CVE-2024-30067 | No | No | Important | 5.5 | 4.8 |
Original Advisory
Microsoft
https://msrc.microsoft.com/update-guide/vulnerability
NOTE:The Information provided is on "as is" basis, without assurance of any kind.