CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2023-35622 – Windows DNS Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-35622
12 Dec 2023 — Windows DNS Spoofing Vulnerability Vulnerabilidad de suplantación de DNS de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35622 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35631 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35631
12 Dec 2023 — Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35631 •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-35630 – Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35630
12 Dec 2023 — Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de conexión compartida a Internet (ICS) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35630 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 35%CPEs: 15EXPL: 0CVE-2023-35628 – Windows MSHTML Platform Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35628
12 Dec 2023 — Windows MSHTML Platform Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en la plataforma Windows MSHTML • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35628 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21740 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21740
12 Dec 2023 — Windows Media Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Windows Media • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21740 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-36696 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36696
12 Dec 2023 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador del minifiltro de archivos en la nube de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36696 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-24023 – kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses
https://notcve.org/view.php?id=CVE-2023-24023
28 Nov 2023 — Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS. Los dispositivos Bluetooth BR/EDR con emparejamiento simple seguro y emparejamiento de conexiones seguras en las especificaciones principales de Bluetooth 4.2 a 5.4 permiten ciertos ataques de intermediario que fuerzan una longi... • https://dl.acm.org/doi/10.1145/3576915.3623066 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 7.0EPSS: 0%CPEs: 20EXPL: 1CVE-2023-36403 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36403
14 Nov 2023 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows. The Microsoft Windows Kernel has an issue with bad locking in registry virtualization that can result in race conditions. • https://packetstorm.news/files/id/176209 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 1CVE-2023-36404 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36404
14 Nov 2023 — Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del kernel de Windows. The Microsoft Windows Kernel has a time-of-check / time-of-use issue in verifying layered key security which may lead to information disclosure from privileged registry keys. • https://packetstorm.news/files/id/176110 • CWE-284: Improper Access Control •
CVSS: 7.0EPSS: 0%CPEs: 14EXPL: 0CVE-2023-36405 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36405
14 Nov 2023 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36405 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •