OnlyFm252
Patch Tuesday Archive

Patch Tuesday May 2024

Total CVEs

62

Critical

1

Important

59

Exploited

2

Publicly Disclosed

3

All CVEs this month 62

CVE Title Severity CVSS Product Exploited Disclosed
CVE-2024-30044 Microsoft SharePoint Server Remote Code Execution Vulnerability Critical 7.2 Microsoft Office SharePoint - -
CVE-2024-26238 Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability Important 7.8 Windows Task Scheduler - -
CVE-2024-29994 Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows SCSI Class System File - -
CVE-2024-29996 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important 7.8 Windows Common Log File System Driver - -
CVE-2024-29997 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-29998 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-29999 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-30000 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-30001 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-30002 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-30003 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-30004 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-30005 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-30006 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important 8.8 Microsoft WDAC OLE DB provider for SQL - -
CVE-2024-30007 Microsoft Brokering File System Elevation of Privilege Vulnerability Important 8.8 Microsoft Brokering File System - -
CVE-2024-30008 Windows DWM Core Library Information Disclosure Vulnerability Important 5.5 Windows DWM Core Library - -
CVE-2024-30009 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important 8.8 Windows Routing and Remote Access Service (RRAS) - -
CVE-2024-30010 Windows Hyper-V Remote Code Execution Vulnerability Important 8.8 Windows Hyper-V - -
CVE-2024-30011 Windows Hyper-V Denial of Service Vulnerability Important 6.5 Windows Hyper-V - -
CVE-2024-30012 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-30014 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important 7.5 Windows Routing and Remote Access Service (RRAS) - -
CVE-2024-30015 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important 7.5 Windows Routing and Remote Access Service (RRAS) - -
CVE-2024-30016 Windows Cryptographic Services Information Disclosure Vulnerability Important 5.5 Windows Cryptographic Services - -
CVE-2024-30017 Windows Hyper-V Remote Code Execution Vulnerability Important 8.8 Windows Hyper-V - -
CVE-2024-30018 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 Windows Kernel - -
CVE-2024-30019 DHCP Server Service Denial of Service Vulnerability Important 6.5 Windows DHCP Server - -
CVE-2024-30020 Windows Cryptographic Services Remote Code Execution Vulnerability Important 8.1 Windows Cryptographic Services - -
CVE-2024-30021 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Important 6.8 Windows Mobile Broadband - -
CVE-2024-30022 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important 7.5 Windows Routing and Remote Access Service (RRAS) - -
CVE-2024-30023 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important 7.5 Windows Routing and Remote Access Service (RRAS) - -
CVE-2024-30024 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important 7.5 Windows Routing and Remote Access Service (RRAS) - -
CVE-2024-30025 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important 7.8 Windows Common Log File System Driver - -
CVE-2024-30027 NTFS Elevation of Privilege Vulnerability Important 7.8 Windows NTFS - -
CVE-2024-30028 Win32k Elevation of Privilege Vulnerability Important 7.8 Windows Win32K - ICOMP - -
CVE-2024-30029 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important 7.5 Windows Routing and Remote Access Service (RRAS) - -
CVE-2024-30030 Win32k Elevation of Privilege Vulnerability Important 7.8 Windows Win32K - GRFX - -
CVE-2024-30031 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability Important 7.8 Windows CNG Key Isolation Service - -
CVE-2024-30032 Windows DWM Core Library Elevation of Privilege Vulnerability Important 7.8 Windows DWM Core Library - -
CVE-2024-30033 Windows Search Service Elevation of Privilege Vulnerability Important 7 Microsoft Windows Search Component - -
CVE-2024-30034 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Important 5.5 Windows Cloud Files Mini Filter Driver - -
CVE-2024-30035 Windows DWM Core Library Elevation of Privilege Vulnerability Important 7.8 Windows DWM Core Library - -
CVE-2024-30036 Windows Deployment Services Information Disclosure Vulnerability Important 6.5 Windows Deployment Services - -
CVE-2024-30037 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important 5.5 Windows Common Log File System Driver - -
CVE-2024-30038 Win32k Elevation of Privilege Vulnerability Important 7.8 Windows Win32K - ICOMP - -
CVE-2024-30039 Windows Remote Access Connection Manager Information Disclosure Vulnerability Important 5.5 Windows Remote Access Connection Manager - -
CVE-2024-30040 Windows MSHTML Platform Security Feature Bypass Vulnerability Important 8.8 Windows MSHTML Platform Yes -
CVE-2024-30041 Microsoft Bing Search Spoofing Vulnerability Important 5.4 Microsoft Bing - -
CVE-2024-30042 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 Microsoft Office Excel - -
CVE-2024-30043 Microsoft SharePoint Server Information Disclosure Vulnerability Important 6.5 Microsoft Office SharePoint - -
CVE-2024-30045 .NET and Visual Studio Remote Code Execution Vulnerability Important 6.3 .NET and Visual Studio - -
CVE-2024-30046 Visual Studio Denial of Service Vulnerability Important 5.9 Visual Studio - Yes
CVE-2024-30047 Dynamics 365 Customer Insights Spoofing Vulnerability Important 7.6 Microsoft Dynamics 365 Customer Insights - -
CVE-2024-30048 Dynamics 365 Customer Insights Spoofing Vulnerability Important 7.6 Microsoft Dynamics 365 Customer Insights - -
CVE-2024-30049 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Important 7.8 Windows Win32K - ICOMP - -
CVE-2024-30051 Windows DWM Core Library Elevation of Privilege Vulnerability Important 7.8 Windows DWM Core Library Yes Yes
CVE-2024-30053 Azure Migrate Cross-Site Scripting Vulnerability Important 6.5 Azure Migrate - -
CVE-2024-30054 Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability Important 6.5 Power BI - -
CVE-2024-30056 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Important 7.1 Microsoft Edge (Chromium-based) - -
CVE-2024-30059 Microsoft Intune for Android Mobile Application Management Tampering Vulnerability Important 6.1 Microsoft Intune - -
CVE-2024-30060 Azure Monitor Agent Elevation of Privilege Vulnerability Important 7.8 Azure Monitor - Yes
CVE-2024-30050 Windows Mark of the Web Security Feature Bypass Vulnerability Moderate 5.4 Windows Mark of the Web (MOTW) - -
CVE-2024-30055 Microsoft Edge (Chromium-based) Spoofing Vulnerability Low 5.4 Microsoft Edge (Chromium-based) - -

    Threat Categories 7

    Threat Category CVEs Critical
    Remote Code Execution 25 1
    Elevation of Privilege 18 -
    Information Disclosure 8 -
    Spoofing 5 -
    Denial of Service 3 -
    Security Feature Bypass 2 -
    Tampering 1 -

    Affected Products 33

    Product CVEs Exploited
    Windows Mobile Broadband 11 -
    Windows Routing and Remote Access Service (RRAS) 7 -
    Windows DWM Core Library 4 1
    Windows Common Log File System Driver 3 -
    Windows Hyper-V 3 -
    Windows Win32K - ICOMP 3 -
    Microsoft Office SharePoint 2 -
    Windows Cryptographic Services 2 -
    Microsoft Dynamics 365 Customer Insights 2 -
    Microsoft Edge (Chromium-based) 2 -
    Windows Task Scheduler 1 -
    Microsoft Windows SCSI Class System File 1 -
    Microsoft WDAC OLE DB provider for SQL 1 -
    Microsoft Brokering File System 1 -
    Windows Kernel 1 -
    Windows DHCP Server 1 -
    Windows NTFS 1 -
    Windows Win32K - GRFX 1 -
    Windows CNG Key Isolation Service 1 -
    Microsoft Windows Search Component 1 -
    Windows Cloud Files Mini Filter Driver 1 -
    Windows Deployment Services 1 -
    Windows Remote Access Connection Manager 1 -
    Windows MSHTML Platform 1 1
    Microsoft Bing 1 -
    Microsoft Office Excel 1 -
    .NET and Visual Studio 1 -
    Visual Studio 1 -
    Azure Migrate 1 -
    Power BI 1 -
    Microsoft Intune 1 -
    Azure Monitor 1 -
    Windows Mark of the Web (MOTW) 1 -