CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1CVE-2023-23399 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-23399
Microsoft Excel Remote Code Execution Vulnerability Microsoft Excel 365 MSO version 2302 build 16.0.16130.20186 64-bit suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/51328 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23399 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-23398 – Microsoft Excel Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-23398
Microsoft Excel Spoofing Vulnerability Microsoft Excel suffers from a spoofing vulnerability. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23398 •
CVSS: 9.8EPSS: 90%CPEs: 6EXPL: 25CVE-2023-23397 – Microsoft Office Outlook Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-23397
Microsoft Outlook Elevation of Privilege Vulnerability Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user. • https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY https://github.com/ahmedkhlief/CVE-2023-23397-POC https://github.com/ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook https://github.com/Pushkarup/CVE-2023-23397 https://github.com/Cyb3rMaddy/CVE-2023-23397-Report https://github.com/api0cradle/CVE-2023-23397-POC-Powershell https://github.com/Trackflaw/CVE-2023-23397 https://github.com/ka7ana/CVE-2023-23397 https://github.com/tiepologian/CVE-2023-23397 https://gith • CWE-20: Improper Input Validation CWE-294: Authentication Bypass by Capture-replay •
CVSS: 8.0EPSS: 1%CPEs: 1EXPL: 0CVE-2023-21778 – Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21778
Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21778 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21715 – Microsoft Office Publisher Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-21715
Microsoft Publisher Security Features Bypass Vulnerability Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21715 • CWE-863: Incorrect Authorization •