CVSS: 5.6EPSS: 0%CPEs: 301EXPL: 1CVE-2023-20569 – amd: Return Address Predictor vulnerability leading to information disclosure
https://notcve.org/view.php?id=CVE-2023-20569
08 Aug 2023 — A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. Una vulnerabilidad de canal lateral en algunas de las CPU de AMD puede permitir que un atacante influya en la predicción de la dirección de retorno. Esto puede dar lugar a una ejecución especulativa en una dirección controlada por el atacante, lo que podría conducir a l... • http://www.openwall.com/lists/oss-security/2023/08/08/4 • CWE-203: Observable Discrepancy •
CVSS: 7.6EPSS: 93%CPEs: 15EXPL: 9CVE-2023-36884 – Microsoft Windows Search Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36884
11 Jul 2023 — Windows Search Remote Code Execution Vulnerability Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution. • https://github.com/jakabakos/CVE-2023-36884-MS-Office-HTML-RCE • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-36871 – Azure Active Directory Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-36871
11 Jul 2023 — Azure Active Directory Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36871 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2023-35312 – Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35312
11 Jul 2023 — Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35312 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35309 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35309
11 Jul 2023 — Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35309 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-35308 – Windows MSHTML Platform Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-35308
11 Jul 2023 — Windows MSHTML Platform Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35308 • CWE-73: External Control of File Name or Path •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-35306 – Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-35306
11 Jul 2023 — Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35306 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-35305 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35305
11 Jul 2023 — Windows Kernel Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35305 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-35304 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35304
11 Jul 2023 — Windows Kernel Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35304 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35303 – USB Audio Class System Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35303
11 Jul 2023 — USB Audio Class System Driver Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35303 • CWE-20: Improper Input Validation •