CVE-2023-36802 – Microsoft Streaming Service Proxy Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-36802
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Proxy del Servicio de Microsoft Streaming Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/ISH2YU/CVE-2023-36802 https://github.com/x0rb3l/CVE-2023-36802-MSKSSRV-LPE https://github.com/4zur-0312/CVE-2023-36802 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802 • CWE-416: Use After Free •
CVE-2023-36804 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36804
Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36804 • CWE-416: Use After Free •
CVE-2023-38161 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38161
Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38161 • CWE-416: Use After Free •
CVE-2023-38155 – Azure DevOps Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-38155
Azure DevOps Server Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código del Servidor Azure DevOps This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Azure DevOps Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38155 • CWE-502: Deserialization of Untrusted Data •
CVE-2023-38144 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38144
An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38144 • CWE-126: Buffer Over-read •