CVSS: 7.8EPSS: 4%CPEs: 30EXPL: 0CVE-2023-21527 – Windows iSCSI Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21527
10 Jan 2023 — Windows iSCSI Service Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servicio Windows iSCSI • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21527 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.8EPSS: 0%CPEs: 30EXPL: 0CVE-2023-21532 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21532
10 Jan 2023 — Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of bitmap objects. The issue results from the lack of validating the existence of an object prior to performing o... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21532 • CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 28EXPL: 0CVE-2023-21535 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21535
10 Jan 2023 — Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Windows Secure Socket Tunneling Protocol (SSTP). • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21535 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 1CVE-2023-21537 – Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21537
10 Jan 2023 — Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Message Queuing (MSMQ) • https://github.com/stevenjoezhang/CVE-2023-21537 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2023-21541 – Windows Task Scheduler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21541
10 Jan 2023 — Windows Task Scheduler Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21541 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21542 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21542
10 Jan 2023 — Windows Installer Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del instalador de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. By creating a junction, an attacker can abuse the service to create files in a... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21542 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-269: Improper Privilege Management CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.1EPSS: 1%CPEs: 31EXPL: 0CVE-2023-21543 – Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21543
10 Jan 2023 — Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del protocolo de túnel de capa 2 de Windows (L2TP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21543 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 0%CPEs: 31EXPL: 0CVE-2023-21546 – Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21546
10 Jan 2023 — Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del protocolo de túnel de capa 2 de Windows (L2TP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21546 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 8.1EPSS: 0%CPEs: 31EXPL: 0CVE-2023-21548 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21548
10 Jan 2023 — Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del protocolo de túnel de socket seguro (SSTP) de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21548 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 7.8EPSS: 1%CPEs: 31EXPL: 0CVE-2023-21552 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21552
10 Jan 2023 — Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Windows GDI • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21552 • CWE-269: Improper Privilege Management CWE-416: Use After Free •