CVE-2023-21758 – Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21758
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de extensión de intercambio de claves de Internet (IKE) de Windows This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IKEEXT service, which listens on UDP ports 500 and 4500. A crafted Vendor ID payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21758 • CWE-476: NULL Pointer Dereference •
CVE-2023-21766 – Windows Overlay Filter Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21766
Windows Overlay Filter Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del filtro de superposición de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21766 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVE-2022-44689 – Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-44689
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows Subsystem for Linux (WSL2). • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44689 •
CVE-2022-41121 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41121
Windows Graphics Component Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Windows Graphics Component. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of the StretchBlt graphics primitive. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41121 •
CVE-2022-44681 – Windows Print Spooler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-44681
Windows Print Spooler Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Print Spooler • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44681 •