CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-38154 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38154
08 Aug 2023 — Windows Kernel Elevation of Privilege Vulnerability The Microsoft Windows Kernel has an issue where a partial success of registry hive log recovery may lead to inconsistent state and memory corruption. • https://packetstorm.news/files/id/174568 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-35387 – Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35387
08 Aug 2023 — Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the processing of AVDTP commands. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35387 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2023-35386 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35386
08 Aug 2023 — Windows Kernel Elevation of Privilege Vulnerability The Microsoft Windows Kernel suffers from out-of-bounds reads due to an integer overflow in registry .LOG file parsing. • https://packetstorm.news/files/id/174567 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35385 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35385
08 Aug 2023 — Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35385 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35384 – Windows HTML Platforms Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-35384
08 Aug 2023 — Windows HTML Platforms Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35384 • CWE-73: External Control of File Name or Path •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35383 – Microsoft Message Queuing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-35383
08 Aug 2023 — Microsoft Message Queuing Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35383 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2023-35382 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35382
08 Aug 2023 — Windows Kernel Elevation of Privilege Vulnerability Microsoft Windows Kernel renaming layered keys does not reference count security descriptors, leading to a use-after-free condition. • https://packetstorm.news/files/id/174450 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35381 – Windows Fax Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35381
08 Aug 2023 — Windows Fax Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35381 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35380 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35380
08 Aug 2023 — Windows Kernel Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35380 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2023-35378 – Windows Projected File System Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35378
08 Aug 2023 — Windows Projected File System Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35378 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •