CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2023-26423 – ZDI-CAN-20160: Adobe Acrobat Reader DC AcroForm insertItemAt Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-26423
12 Apr 2023 — Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the tar... • https://helpx.adobe.com/security/products/acrobat/apsb23-24.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2023-26424 – ZDI-CAN-19833: Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-26424
12 Apr 2023 — Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the tar... • https://helpx.adobe.com/security/products/acrobat/apsb23-24.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 2%CPEs: 6EXPL: 0CVE-2023-26425 – ZDI-CAN-19854: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-26425
12 Apr 2023 — Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Acrobat Reader versión 23.001.20093 (y anterior) y 20.005.30441 (... • https://helpx.adobe.com/security/products/acrobat/apsb23-24.html • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-28308 – Windows DNS Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28308
11 Apr 2023 — Windows DNS Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28308 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-28307 – Windows DNS Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28307
11 Apr 2023 — Windows DNS Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28307 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-28306 – Windows DNS Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28306
11 Apr 2023 — Windows DNS Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28306 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 33%CPEs: 14EXPL: 0CVE-2023-28302 – Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-28302
11 Apr 2023 — Microsoft Message Queuing Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28302 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 6%CPEs: 14EXPL: 6CVE-2023-28293 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-28293
11 Apr 2023 — Windows Kernel Elevation of Privilege Vulnerability The Windows kernel suffers from out-of-bounds read vulnerabilities when operating on invalid registry paths in CmpDoReDoCreateKey / CmpDoReOpenTransKey. • https://packetstorm.news/files/id/172300 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-28256 – Windows DNS Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28256
11 Apr 2023 — Windows DNS Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28256 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-28278 – Windows DNS Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28278
11 Apr 2023 — Windows DNS Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28278 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-591: Sensitive Data Storage in Improperly Locked Memory •