CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-34367
https://notcve.org/view.php?id=CVE-2023-34367
14 Jun 2023 — Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implementation of TCP/IP, which is vulnerable to the Idle scan attack (including many IoT devices). NOTE: The vendor considers this a low severity issue. • http://blog.pi3.com.pl/?p=850 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 82EXPL: 0CVE-2023-29331 – .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-29331
14 Jun 2023 — .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability A vulnerability was found in dotnet. This issue can lead to a denial of service while processing X509 Certificates. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-32022 – Windows Server Service Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-32022
13 Jun 2023 — Windows Server Service Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32022 • CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-32021 – Windows SMB Witness Service Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-32021
13 Jun 2023 — Windows SMB Witness Service Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32021 •
CVSS: 5.6EPSS: 7%CPEs: 8EXPL: 0CVE-2023-32020 – Windows DNS Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-32020
13 Jun 2023 — Windows DNS Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32020 • CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action •
CVSS: 4.7EPSS: 0%CPEs: 17EXPL: 1CVE-2023-32019 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-32019
13 Jun 2023 — Windows Kernel Information Disclosure Vulnerability Due to some design problems in how transactions are implemented in the registry, it is possible for a low-privileged local attacker to force a non-atomic outcome of a transaction used by another high-privileged process in the system. • https://packetstorm.news/files/id/173310 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32018 – Windows Hello Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32018
13 Jun 2023 — Windows Hello Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32018 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2023-32017 – Microsoft PostScript Printer Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32017
13 Jun 2023 — Microsoft PostScript Printer Driver Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32017 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2023-32016 – Windows Installer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-32016
13 Jun 2023 — Windows Installer Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32016 • CWE-668: Exposure of Resource to Wrong Sphere CWE-908: Use of Uninitialized Resource •
CVSS: 10.0EPSS: 0%CPEs: 25EXPL: 0CVE-2023-32015 – Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32015
13 Jun 2023 — Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32015 • CWE-20: Improper Input Validation •