CVE-2023-21560 – Windows Boot Manager Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-21560
Windows Boot Manager Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad del Administrador de arranque de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21560 • CWE-122: Heap-based Buffer Overflow CWE-863: Incorrect Authorization •
CVE-2023-21547 – Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21547
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del protocolo de intercambio de claves de Internet (IKE) This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IKEEXT service, which listens on UDP ports 500 and 4500. A crafted Vendor ID payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21547 • CWE-400: Uncontrolled Resource Consumption CWE-476: NULL Pointer Dereference •
CVE-2023-21774 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21774
Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows The Microsoft Windows kernel suffers from multiple security issues in the key replication feature of registry virtualization. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21774 • CWE-269: Improper Privilege Management CWE-416: Use After Free •
CVE-2023-21524 – Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21524
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Windows Local Security Authority. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21524 • CWE-798: Use of Hard-coded Credentials •
CVE-2023-21525 – Remote Procedure Call Runtime Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21525
Remote Procedure Call Runtime Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21525 •