CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38152 – DHCP Server Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38152
DHCP Server Service Information Disclosure Vulnerability Vulnerabilidad de Divulgación de Información del Servicio del Servidor DHCP • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38152 • CWE-126: Buffer Over-read CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38161 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38161
Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38161 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-38162 – DHCP Server Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-38162
DHCP Server Service Denial of Service Vulnerability Vulnerabilidad de Denegación de Servicio del Servicio del Servidor DHCP • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38162 • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-35355 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35355
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Controlador del Minifiltro de Achivos en la Nube de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35355 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 1CVE-2022-47637
https://notcve.org/view.php?id=CVE-2022-47637
The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common use cases execute files under C:\xampp with administrative privileges. El instalador en XAMPP hasta 8.1.12 permite a los usuarios locales escribir en el directorio C:\xampp. Los casos de uso comunes ejecutan archivos en C:\xampp con privilegios administrativos. • https://shinnai.altervista.org/exploits/DVRT-2023-0001_CVE-2022-47637.pdf • CWE-281: Improper Preservation of Permissions •