CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28217 – Windows Network Address Translation (NAT) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-28217
11 Apr 2023 — Windows Network Address Translation (NAT) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28217 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.0EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28216 – Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-28216
11 Apr 2023 — Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28216 •
CVSS: 7.8EPSS: 3%CPEs: 14EXPL: 0CVE-2023-24931 – Windows Secure Channel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-24931
11 Apr 2023 — Windows Secure Channel Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24931 • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24914 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24914
11 Apr 2023 — Win32k Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24914 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 53%CPEs: 14EXPL: 0CVE-2023-21769 – Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21769
11 Apr 2023 — Microsoft Message Queuing Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21769 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 1%CPEs: 14EXPL: 0CVE-2023-21729 – Remote Procedure Call Runtime Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21729
11 Apr 2023 — Remote Procedure Call Runtime Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21729 • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 2%CPEs: 14EXPL: 0CVE-2023-21727 – Remote Procedure Call Runtime Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21727
11 Apr 2023 — Remote Procedure Call Runtime Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21727 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27497 – Multiple vulnerabilities in SAP Diagnostics Agent (EventLogServiceCollector)
https://notcve.org/view.php?id=CVE-2023-27497
11 Apr 2023 — Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows. On successful exploitation, the attacker can completely compromise confidentiality, integrity and availability of the system. • https://launchpad.support.sap.com/#/notes/3305369 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28267 – Remote Desktop Protocol Client Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-28267
11 Apr 2023 — Remote Desktop Protocol Client Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must open a remote desktop session to a host that has been compromised or otherwise under control of an attacker. The specific flaw exists within the Remote Desktop client. A crafted audio packet can trigger access to memory prior to initial... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28267 • CWE-126: Buffer Over-read •
CVSS: 7.6EPSS: 3%CPEs: 15EXPL: 0CVE-2023-28227 – Windows Bluetooth Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28227
11 Apr 2023 — Windows Bluetooth Driver Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the processing of BNEP packets. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28227 • CWE-122: Heap-based Buffer Overflow •