CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 7CVE-2023-21768 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21768
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Controlador de función auxiliar de Windows para la vulnerabilidad de elevación de privilegios de WinSock • https://github.com/zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit https://github.com/Malwareman007/CVE-2023-21768 https://github.com/3yujw7njai/CVE-2023-21768-POC https://github.com/xboxoneresearch/CVE-2023-21768-dotnet https://github.com/h1bAna/CVE-2023-21768 https://github.com/Ha0-Y/CVE-2023-21768 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21768 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/local/cve_2023_21768_afd&# • CWE-822: Untrusted Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2023-21776 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21776
Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del kernel de Windows The Windows kernel suffers from out-of-bounds read vulnerabilities when operating on invalid registry paths in CmpDoReDoCreateKey / CmpDoReOpenTransKey. • http://packetstormsecurity.com/files/172300/Windows-Kernel-CmpDoReDoCreateKey-CmpDoReOpenTransKey-Out-Of-Bounds-Read.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21776 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21758 – Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21758
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de extensión de intercambio de claves de Internet (IKE) de Windows This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IKEEXT service, which listens on UDP ports 500 and 4500. A crafted Vendor ID payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21758 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-41077 – Windows Fax Compose Form Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41077
Windows Fax Compose Form Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Fax Compose Form. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41077 •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2022-44667 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-44667
Windows Media Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Windows Media • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44667 •