CVSS: 7.7EPSS: 3%CPEs: 11EXPL: 0CVE-2023-24948 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24948
09 May 2023 — Windows Bluetooth Driver Elevation of Privilege Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the processing of AVDTP packets. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to me... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24948 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-24947 – Windows Bluetooth Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-24947
09 May 2023 — Windows Bluetooth Driver Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24947 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-24946 – Windows Backup Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24946
09 May 2023 — Windows Backup Service Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24946 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 5.5EPSS: 1%CPEs: 15EXPL: 0CVE-2023-24945 – Windows iSCSI Target Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-24945
09 May 2023 — Windows iSCSI Target Service Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24945 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-24944 – Windows Bluetooth Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-24944
09 May 2023 — Windows Bluetooth Driver Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24944 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2023-24905 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-24905
09 May 2023 — Remote Desktop Client Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24905 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 6%CPEs: 15EXPL: 0CVE-2023-24943 – Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-24943
09 May 2023 — Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24943 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 2%CPEs: 14EXPL: 0CVE-2023-24903 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-24903
09 May 2023 — Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24903 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-415: Double Free •
CVSS: 7.8EPSS: 18%CPEs: 15EXPL: 0CVE-2023-24942 – Remote Procedure Call Runtime Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-24942
09 May 2023 — Remote Procedure Call Runtime Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24942 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 2%CPEs: 13EXPL: 0CVE-2023-24901 – Windows NFS Portmapper Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-24901
09 May 2023 — Windows NFS Portmapper Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24901 • CWE-126: Buffer Over-read •