CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 9CVE-2023-28252 – Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-28252
11 Apr 2023 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows Common Log File System Driver Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. • https://packetstorm.news/files/id/174668 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-28274 – Windows Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-28274
11 Apr 2023 — Windows Win32k Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28274 • CWE-20: Improper Input Validation •
CVSS: 7.0EPSS: 0%CPEs: 9EXPL: 0CVE-2023-28273 – Windows Clip Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-28273
11 Apr 2023 — Windows Clip Service Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28273 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28250 – Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28250
11 Apr 2023 — Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28250 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 0CVE-2023-28249 – Windows Boot Manager Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-28249
11 Apr 2023 — Windows Boot Manager Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28249 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28272 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-28272
11 Apr 2023 — Windows Kernel Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28272 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 1CVE-2023-28271 – Windows Kernel Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-28271
11 Apr 2023 — Windows Kernel Memory Information Disclosure Vulnerability The Windows Kernel suffers from a disclosure of kernel pointers and uninitialized memory through registry KTM transaction log files. • https://packetstorm.news/files/id/172298 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2023-28248 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-28248
11 Apr 2023 — Windows Kernel Elevation of Privilege Vulnerability In Windows Registry, security descriptors are shared by multiple keys, and thus reference counted via the _CM_KEY_SECURITY.ReferenceCount field. It is critical for system security that the kernel correctly keeps track of the references, so that the sum of the ReferenceCount fields is equal to the number of keys in the hive at all times (with small exceptions for things like transacted and not yet committed operations etc.). If the ReferenceCount of any des... • https://packetstorm.news/files/id/172283 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2023-28270 – Windows Lock Screen Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-28270
11 Apr 2023 — Windows Lock Screen Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28270 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28246 – Windows Registry Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-28246
11 Apr 2023 — Windows Registry Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28246 • CWE-284: Improper Access Control •