CVE-2023-35357 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35357
Windows Kernel Elevation of Privilege Vulnerability The Microsoft Windows Kernel may reference unbacked layered keys through registry virtualization. • http://packetstormsecurity.com/files/174116/Microsoft-Windows-Kernel-Unsafe-Reference.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35357 • CWE-125: Out-of-bounds Read •
CVE-2023-35356 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35356
Windows Kernel Elevation of Privilege Vulnerability The Microsoft Windows Kernel CmDeleteLayeredKey may delete predefined tombstone keys, leading to security descriptor use-after-free. • http://packetstormsecurity.com/files/174115/Microsoft-Windows-Kernel-Arbitrary-Read.html http://packetstormsecurity.com/files/174118/Microsoft-Windows-Kernel-Security-Descriptor-Use-After-Free.html http://packetstormsecurity.com/files/176451/Microsoft-Windows-Registry-Predefined-Keys-Privilege-Escalation.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35356 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-35353 – Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35353
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35353 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2023-35347 – Microsoft Install Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35347
Microsoft Install Service Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35347 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2023-35343 – Windows Geolocation Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35343
Windows Geolocation Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35343 • CWE-426: Untrusted Search Path •