CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20561 –
https://notcve.org/view.php?id=CVE-2023-20561
08 Aug 2023 — Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20556 –
https://notcve.org/view.php?id=CVE-2023-20556
08 Aug 2023 — Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7003 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2023-20562 –
https://notcve.org/view.php?id=CVE-2023-20562
08 Aug 2023 — Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. • https://github.com/zeze-zeze/HITCON-2023-Demo-CVE-2023-20562 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-38154 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38154
08 Aug 2023 — Windows Kernel Elevation of Privilege Vulnerability The Microsoft Windows Kernel has an issue where a partial success of registry hive log recovery may lead to inconsistent state and memory corruption. • https://packetstorm.news/files/id/174568 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2023-38172 – Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-38172
08 Aug 2023 — Microsoft Message Queuing Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38172 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38175 – Microsoft Windows Defender Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38175
08 Aug 2023 — Microsoft Windows Defender Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38175 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2023-38184 – Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-38184
08 Aug 2023 — Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38184 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2023-38186 – Windows Mobile Device Management Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38186
08 Aug 2023 — Windows Mobile Device Management Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186 • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-35387 – Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35387
08 Aug 2023 — Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the processing of AVDTP commands. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35387 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2023-35386 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35386
08 Aug 2023 — Windows Kernel Elevation of Privilege Vulnerability The Microsoft Windows Kernel suffers from out-of-bounds reads due to an integer overflow in registry .LOG file parsing. • https://packetstorm.news/files/id/174567 • CWE-125: Out-of-bounds Read •