CVSS: 8.0EPSS: 0%CPEs: 21EXPL: 0CVE-2023-36425 – Windows Distributed File System (DFS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36425
14 Nov 2023 — Windows Distributed File System (DFS) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del sistema de archivos distribuido (DFS) de Windows. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36425 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2023-36428 – Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36428
14 Nov 2023 — Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del servicio del subsistema de la autoridad de seguridad local de Microsoft. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36428 • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 4%CPEs: 74EXPL: 0CVE-2023-36560 – ASP.NET Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-36560
14 Nov 2023 — ASP.NET Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad de ASP.NET. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36560 •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2023-36705 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36705
14 Nov 2023 — Windows Installer Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del instalador de Windows. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36705 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2023-36719 – Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36719
14 Nov 2023 — Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Speech Application Programming Interface (SAPI). • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36719 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2023-36436 – Windows MSHTML Platform Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36436
10 Oct 2023 — Windows MSHTML Platform Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Windows MSHTML Platform • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36436 •
CVSS: 7.8EPSS: 1%CPEs: 16EXPL: 0CVE-2023-36743 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36743
10 Oct 2023 — Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36743 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 14EXPL: 0CVE-2023-36776 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36776
10 Oct 2023 — Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36776 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-36790 – Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36790
10 Oct 2023 — Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows RDP Encoder Mirror Driver • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36790 • CWE-284: Improper Access Control •
CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0CVE-2023-38166 – Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-38166
10 Oct 2023 — Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Layer 2 Tunneling Protocol • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38166 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •