NVD disclosure day
CVE-2024-30051
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in the Windows DWM Core Library allows an attacker with local access to elevate privileges, potentially leading to unauthorized system control and data access. This poses a risk to organizational security by enabling attackers to gain higher levels of access on affected systems. Organizations should ide
CVE-2024-30040
Halo Surface Signal: 3 out of 5 — possibly public-facing.
A security feature bypass vulnerability exists in the Windows MSHTML Platform. This could impact affected systems by allowing attackers to bypass security measures, potentially affecting data confidentiality, integrity, and availability. The CISA Known Exploited Vulnerabilities catalog lists this CVE, indicating active
CVE-2024-4761
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Google Chrome's V8 engine allows attackers to write data outside of intended memory boundaries via a malicious HTML page, potentially impacting system integrity and data confidentiality. This affects organizations using the affected browser versions.
CVE-2024-4671
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Google Chrome's Visuals component could allow an attacker to escape the browser's sandbox, potentially impacting systems and data. This risk materializes when an employee accesses a specially crafted HTML page, enabling an attacker to execute code.