CVSS: 5.3EPSS: 1%CPEs: 14EXPL: 0CVE-2023-21729 – Remote Procedure Call Runtime Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21729
11 Apr 2023 — Remote Procedure Call Runtime Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21729 • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 2%CPEs: 14EXPL: 0CVE-2023-21727 – Remote Procedure Call Runtime Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21727
11 Apr 2023 — Remote Procedure Call Runtime Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21727 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.6EPSS: 3%CPEs: 15EXPL: 0CVE-2023-28227 – Windows Bluetooth Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28227
11 Apr 2023 — Windows Bluetooth Driver Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the processing of BNEP packets. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28227 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28267 – Remote Desktop Protocol Client Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-28267
11 Apr 2023 — Remote Desktop Protocol Client Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must open a remote desktop session to a host that has been compromised or otherwise under control of an attacker. The specific flaw exists within the Remote Desktop client. A crafted audio packet can trigger access to memory prior to initial... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28267 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2023-24910 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24910
14 Mar 2023 — Windows Graphics Component Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24910 • CWE-476: NULL Pointer Dereference •
CVSS: 8.1EPSS: 1%CPEs: 16EXPL: 0CVE-2023-24869 – Remote Procedure Call Runtime Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-24869
14 Mar 2023 — Remote Procedure Call Runtime Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24869 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 1%CPEs: 16EXPL: 0CVE-2023-24908 – Remote Procedure Call Runtime Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-24908
14 Mar 2023 — Remote Procedure Call Runtime Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24908 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-24862 – Windows Secure Channel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-24862
14 Mar 2023 — Windows Secure Channel Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24862 • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-24861 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-24861
14 Mar 2023 — Windows Graphics Component Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage th... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24861 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-23423 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-23423
14 Mar 2023 — Windows Kernel Elevation of Privilege Vulnerability The Microsoft Windows Kernel suffers from multiple issues in the prepare/commit phase of a transactional registry key rename. • https://packetstorm.news/files/id/171866 •