Analyst command view

MSRC Driver CVE Board

Latest-state board for filtered MSRC CVEs from 2020-01-01 to today, tuned for fast triage across module, CWE, release window, exploitation signal, and acknowledgement context.

Live snapshot

Last Sync

2026-05-22T10:50:34Z

Freshness

4 hour(s) ago

Refresh Policy

24h baseline + release watch

Storage

Latest snapshot only

Rows In View

4943

Current result set after filter and search.

Exploited Flagged

4193

Rows with a non-empty exploitation signal.

Distinct CWE

162

Unique weakness classes in this view.

Modules

1535

Unique inferred driver or component labels.

Module

CWE

Rows

Sort

Actions

Reset

Top CWE

162 classes

Unspecified2109 CWE-416: Use After Free443 CWE-122: Heap-based Buffer Overflow356 CWE-125: Out-of-bounds Read269 CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')147 CWE-20: Improper Input Validation142 CWE-190: Integer Overflow or Wraparound127 CWE-476: NULL Pointer Dereference126

Top Modules

1535 modules

Windows Kernel220 Windows Routing and Remote Access Service (RRAS)111 Windows Hyper-V101 Win32k100 Windows Graphics Component89 Windows Print Spooler69 Remote Procedure Call Runtime67 Microsoft Message Queuing (MSMQ)63

Release Month

December 2024

37 CVE | last update 4 hour(s) ago

Release 2024-12-10 Patch Tuesday Count 37

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2024-49079	Input Method Editor (IME) Exploitation Less Likely	CWE-416: Use After Free	Input Method Editor (IME) Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By CHEN QINGYANG with Topsec Alpha Team
CVE-2024-49075	Windows Remote Desktop Services Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Remote Desktop Services Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By k0shl with Kunlun Lab
CVE-2024-49129	Windows Remote Desktop Gateway (RD Gateway) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability CVSS vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By k0shl with Kunlun Lab
CVE-2024-49096	Microsoft Message Queuing (MSMQ) Exploitation Less Likely	CWE-400: Uncontrolled Resource Consumption	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Azure Yang with Kunlun Lab
CVE-2024-49117	Windows Hyper-V Exploitation Less Likely	CWE-393: Return of Wrong Status Code	Windows Hyper-V Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Agustin Toribio Moreno with Microsoft
CVE-2024-49084	Windows Kernel Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Windows Kernel Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Anonymous
CVE-2024-49124	Lightweight Directory Access Protocol (LDAP) Client Exploitation Less Likely	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Wei in Kunlun Lab with Cyber KunLun
CVE-2024-49105	Remote Desktop Client Exploitation Less Likely	CWE-284: Improper Access Control	Remote Desktop Client Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Naceri with MSRC Vulnerabilities & Mitigations
CVE-2024-43594	Microsoft System Center Exploitation Less Likely	CWE-284: Improper Access Control	Microsoft System Center Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By R4nger & Zhiniang Peng
CVE-2024-49082	Windows File Explorer Exploitation Less Likely	CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	Windows File Explorer Information Disclosure Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C	2024-12-10	No	Reported By st4nly0n working with Trend Micro Zero Day Initiative
CVE-2024-49087	Windows Mobile Broadband Driver Exploitation Less Likely	CWE-20: Improper Input Validation	Windows Mobile Broadband Driver Information Disclosure Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49073	Windows Mobile Broadband Driver Exploitation Less Likely	CWE-20: Improper Input Validation	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49103	Windows Wireless Wide Area Network Service (WwanSvc) Exploitation Less Likely	CWE-191: Integer Underflow (Wrap or Wraparound) CWE-125: Out-of-bounds Read	Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49077	Windows Mobile Broadband Driver Exploitation Less Likely	CWE-191: Integer Underflow (Wrap or Wraparound) CWE-125: Out-of-bounds Read	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49089	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Anonymous
CVE-2024-49085	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Anonymous
CVE-2024-49078	Windows Mobile Broadband Driver Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound CWE-125: Out-of-bounds Read	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49112	Windows Lightweight Directory Access Protocol (LDAP) Exploitation Less Likely	CWE-190: Integer Overflow or Wraparound	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Yuki Chen
CVE-2024-49088	Windows Common Log File System Driver Exploitation More Likely	CWE-126: Buffer Over-read	Windows Common Log File System Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By dkdfcd
CVE-2024-49111	Wireless Wide Area Network Service (WwanSvc) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49109	Wireless Wide Area Network Service (WwanSvc) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49101	Wireless Wide Area Network Service (WwanSvc) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49099	Windows Wireless Wide Area Network Service (WwanSvc) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49098	Windows Wireless Wide Area Network Service (WwanSvc) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49110	Windows Mobile Broadband Driver Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Adel from MSRC V&M
CVE-2024-49092	Windows Mobile Broadband Driver Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49083	Windows Mobile Broadband Driver Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Mobile Broadband Driver Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49113	Windows Lightweight Directory Access Protocol (LDAP) Exploitation Less Likely	CWE-125: Out-of-bounds Read	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Yuki Chen
CVE-2024-49094	Wireless Wide Area Network Service (WwanSvc) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49081	Wireless Wide Area Network Service (WwanSvc) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability CVSS vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Zhihua Wen with CyberKunLun
CVE-2024-49072	Windows Task Scheduler Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Task Scheduler Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Florian Schweins
CVE-2024-49125	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Nirmala Nawale with Microsoft Anonymous
CVE-2024-49104	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Anonymous
CVE-2024-49102	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Anonymous
CVE-2024-49086	Windows Routing and Remote Access Service (RRAS) Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Anonymous
CVE-2024-49080	Windows IP Routing Management Snapin Exploitation Less Likely	CWE-122: Heap-based Buffer Overflow	Windows IP Routing Management Snapin Remote Code Execution Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	No	Reported By Anonymous
CVE-2024-49138	Windows Common Log File System Driver Exploitation Detected	CWE-122: Heap-based Buffer Overflow	Windows Common Log File System Driver Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-12-10	Yes	Reported By Advanced Research Team with CrowdStrike

Release Month

November 2024

13 CVE | last update 4 hour(s) ago

Release 2024-11-28 Other / OOB Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2024-23775	Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2 allows attackers to cause a No latest release note	Unspecified	Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2 allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension(). CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	2024-11-28	-	-

Release 2024-11-23 Other / OOB Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2024-21538	Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression No latest release note	CWE-1333: Inefficient Regular Expression Complexity	Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	2024-11-23	-	-

Release 2024-11-14 Other / OOB Count 1

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2024-9676	Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause No latest release note	CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos) CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	2024-11-14	-	-

Release 2024-11-12 Patch Tuesday Count 10

CVE	Module	CWE	Title Advisory text and compact technical context	Release	Exploited	Acknowledgement
CVE-2024-43646	Windows Secure Kernel Mode Exploitation Less Likely	CWE-822: Untrusted Pointer Dereference	Windows Secure Kernel Mode Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-11-12	No	Reported By Maxime Villard, of M.O.R.S.E.
CVE-2024-43631	Windows Secure Kernel Mode Exploitation Less Likely	CWE-822: Untrusted Pointer Dereference	Windows Secure Kernel Mode Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-11-12	No	Reported By Maxime Villard, of M.O.R.S.E.
CVE-2024-43624	Windows Hyper-V Shared Virtual Disk Exploitation Less Likely	CWE-822: Untrusted Pointer Dereference	Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-11-12	No	Reported By D4m0n with CW Research Inc. nevul37 with CW Research Inc.
CVE-2024-43629	Windows DWM Core Library Exploitation More Likely	CWE-822: Untrusted Pointer Dereference	Windows DWM Core Library Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-11-12	No	Reported By Sergey Tarasov with Positive Technologies immortalp0ny
CVE-2024-43636	Win32k Exploitation More Likely	CWE-822: Untrusted Pointer Dereference	Win32k Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-11-12	No	Reported By Joe Bialek (Microsoft Offensive Research & Security Engineering)
CVE-2024-38203	Windows Package Library Manager Exploitation Less Likely	CWE-693: Protection Mechanism Failure	Windows Package Library Manager Information Disclosure Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C	2024-11-12	No	Reported By Anonymous
CVE-2024-49051	Microsoft PC Manager Exploitation Less Likely	CWE-59: Improper Link Resolution Before File Access ('Link Following')	Microsoft PC Manager Elevation of Privilege Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-11-12	No	Reported By BochengXiang(@Crispr) with FDU Simon (@sim0nsecurity)
CVE-2024-43633	Windows Hyper-V Exploitation Less Likely	CWE-591: Sensitive Data Storage in Improperly Locked Memory	Windows Hyper-V Denial of Service Vulnerability CVSS vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C	2024-11-12	No	Reported By ChengBin Wang with ZheJiang Guoli Security Technology
CVE-2024-38264	Microsoft Virtual Hard Disk (VHDX) Exploitation Less Likely	CWE-591: Sensitive Data Storage in Improperly Locked Memory	Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C	2024-11-12	No	-
CVE-2024-49043	Microsoft.SqlServer.XEvent.Configuration.dll Exploitation Less Likely	CWE-426: Untrusted Search Path	Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C	2024-11-12	No	Reported By CHEN QINGYANG with Topsec Alpha Team