CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35377 – Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-35377
08 Aug 2023 — Microsoft Message Queuing Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35377 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35376 – Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-35376
08 Aug 2023 — Microsoft Message Queuing Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35376 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2023-36889 – Windows Group Policy Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-36889
08 Aug 2023 — Windows Group Policy Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36889 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 14EXPL: 0CVE-2023-36882 – Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36882
08 Aug 2023 — Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36882 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-35359 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35359
08 Aug 2023 — Windows Kernel Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Furthermore, exploitation is possible only in limited circumstances. The specific flaw exists within the processing of unhandled exceptions. By redirecting a DOS device, an attacker can abuse a high-privileged ser... • https://packetstorm.news/files/id/174528 • CWE-23: Relative Path Traversal •
CVSS: 5.5EPSS: 0%CPEs: 84EXPL: 0CVE-2023-20588 – Speculative Leaks
https://notcve.org/view.php?id=CVE-2023-20588
08 Aug 2023 — A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Un error de división por cero en algunos procesadores AMD puede potencialmente devolver datos especulativos que resulten en una pérdida de confidencialidad. It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device ... • http://www.openwall.com/lists/oss-security/2023/09/25/3 • CWE-369: Divide By Zero •
CVSS: 5.6EPSS: 0%CPEs: 301EXPL: 1CVE-2023-20569 – amd: Return Address Predictor vulnerability leading to information disclosure
https://notcve.org/view.php?id=CVE-2023-20569
08 Aug 2023 — A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. Una vulnerabilidad de canal lateral en algunas de las CPU de AMD puede permitir que un atacante influya en la predicción de la dirección de retorno. Esto puede dar lugar a una ejecución especulativa en una dirección controlada por el atacante, lo que podría conducir a l... • http://www.openwall.com/lists/oss-security/2023/08/08/4 • CWE-203: Observable Discrepancy •
CVSS: 7.6EPSS: 15%CPEs: 15EXPL: 9CVE-2023-36884 – Microsoft Windows Search Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36884
11 Jul 2023 — Windows Search Remote Code Execution Vulnerability Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution. • https://github.com/jakabakos/CVE-2023-36884-MS-Office-HTML-RCE • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-36871 – Azure Active Directory Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-36871
11 Jul 2023 — Azure Active Directory Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36871 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2023-35312 – Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35312
11 Jul 2023 — Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35312 • CWE-190: Integer Overflow or Wraparound •