CVSS: 7.0EPSS: 0%CPEs: 16EXPL: 0CVE-2023-23385 – Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-23385
14 Mar 2023 — Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23385 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-24671 – VX Search 13.8 Unquoted Service Path
https://notcve.org/view.php?id=CVE-2023-24671
09 Mar 2023 — VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file. VX Search version 13.8 suffers from an unquoted service path vulnerability. • https://medium.com/%40SumitVerma101/windows-privilege-escalation-part-1-unquoted-service-path-c7a011a8d8ae • CWE-428: Unquoted Search Path or Element •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25147
https://notcve.org/view.php?id=CVE-2023-25147
07 Mar 2023 — An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an attacker must first obtain administrative access on the target system via another method in order to exploit this. • https://success.trendmicro.com/solution/000292209 • CWE-427: Uncontrolled Search Path Element •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25143
https://notcve.org/view.php?id=CVE-2023-25143
07 Mar 2023 — An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products. • https://success.trendmicro.com/solution/000292209 • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-1217 – Debian Security Advisory 5371-1
https://notcve.org/view.php?id=CVE-2023-1217
07 Mar 2023 — Stack buffer overflow in Crash reporting in Google Chrome on Windows prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 2CVE-2023-1188 – FabulaTech Webcam for Remote Desktop IoControlCode ftwebcam.sys 0x222018 denial of service
https://notcve.org/view.php?id=CVE-2023-1188
06 Mar 2023 — A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42. It has been classified as problematic. Affected is the function 0x222018 in the library ftwebcam.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. • https://drive.google.com/file/d/1_gVQtfbpywhh8Z6g4Y03Qg7UT3Aobz2e/view?usp=sharing • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-1187 – FabulaTech Webcam for Remote Desktop Global Variable ftwebcam.sys denial of service
https://notcve.org/view.php?id=CVE-2023-1187
06 Mar 2023 — A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. • https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1187 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-1186 – FabulaTech Webcam for Remote Desktop IOCTL ftwebcam.sys 0x222018 null pointer dereference
https://notcve.org/view.php?id=CVE-2023-1186
06 Mar 2023 — A vulnerability has been found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This vulnerability affects the function 0x222010/0x222018 in the library ftwebcam.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. • https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1186 • CWE-476: NULL Pointer Dereference •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0196
https://notcve.org/view.php?id=CVE-2023-0196
02 Mar 2023 — NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5446 • CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0193
https://notcve.org/view.php?id=CVE-2023-0193
02 Mar 2023 — NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5446 • CWE-125: Out-of-bounds Read •