CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-2282
https://notcve.org/view.php?id=CVE-2023-2282
Improper access control in the Web Login listener in Devolutions Remote Desktop Manager 2023.1.22 and earlier on Windows allows an authenticated user to bypass administrator-enforced Web Login restrictions and gain access to entries via an unexpected vector. • https://devolutions.net/security/advisories/DEVO-2023-0012 •
CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28267 – Remote Desktop Protocol Client Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-28267
Remote Desktop Protocol Client Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must open a remote desktop session to a host that has been compromised or otherwise under control of an attacker. The specific flaw exists within the Remote Desktop client. A crafted audio packet can trigger access to memory prior to initialization. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the Remote Desktop client process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28267 • CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 2CVE-2023-1188 – FabulaTech Webcam for Remote Desktop IoControlCode ftwebcam.sys 0x222018 denial of service
https://notcve.org/view.php?id=CVE-2023-1188
A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42. It has been classified as problematic. Affected is the function 0x222018 in the library ftwebcam.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. • https://drive.google.com/file/d/1_gVQtfbpywhh8Z6g4Y03Qg7UT3Aobz2e/view?usp=sharing https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1188 https://vuldb.com/?ctiid.222360 https://vuldb.com/?id.222360 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-1187 – FabulaTech Webcam for Remote Desktop Global Variable ftwebcam.sys denial of service
https://notcve.org/view.php?id=CVE-2023-1187
A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. • https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1187 https://vuldb.com/?ctiid.222359 https://vuldb.com/?id.222359 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-1186 – FabulaTech Webcam for Remote Desktop IOCTL ftwebcam.sys 0x222018 null pointer dereference
https://notcve.org/view.php?id=CVE-2023-1186
A vulnerability has been found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This vulnerability affects the function 0x222010/0x222018 in the library ftwebcam.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. • https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1186 https://vuldb.com/?ctiid.222358 https://vuldb.com/?id.222358 • CWE-476: NULL Pointer Dereference •