CVSS: 8.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21822 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21822
14 Feb 2023 — Windows Graphics Component Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage th... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21822 • CWE-416: Use After Free •
CVSS: 7.7EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21820 – Windows Distributed File System (DFS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21820
14 Feb 2023 — Windows Distributed File System (DFS) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21820 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-21819 – Windows Secure Channel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21819
14 Feb 2023 — Windows Secure Channel Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21819 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-21818 – Windows Secure Channel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21818
14 Feb 2023 — Windows Secure Channel Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21818 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21817 – Windows Kerberos Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21817
14 Feb 2023 — Windows Kerberos Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21817 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21816 – Windows Active Directory Domain Services API Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21816
14 Feb 2023 — Windows Active Directory Domain Services API Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21816 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21813 – Windows Secure Channel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21813
14 Feb 2023 — Windows Secure Channel Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21813 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21812 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21812
14 Feb 2023 — Windows Common Log File System Driver Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21812 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21811 – Windows iSCSI Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21811
14 Feb 2023 — Windows iSCSI Service Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21811 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21805 – Windows MSHTML Platform Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21805
14 Feb 2023 — Windows MSHTML Platform Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of certain image file types that can contain script tags. Under limited circumstances, crafted data in an image can lead to execution of untrusted script. A... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21805 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •