CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-23393 – Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-23393
14 Mar 2023 — Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23393 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 1CVE-2023-23388 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-23388
14 Mar 2023 — Windows Bluetooth Driver Elevation of Privilege Vulnerability • https://github.com/ynwarcs/CVE-2023-23388 • CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 7.0EPSS: 0%CPEs: 16EXPL: 0CVE-2023-23385 – Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-23385
14 Mar 2023 — Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23385 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-1017 – TPM2.0 vulnerable to out-of-bounds write
https://notcve.org/view.php?id=CVE-2023-1017
28 Feb 2023 — An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. An out-of-bounds write vulnerability was found in the TPM 2.0's Module Library, which allows the writing of 2-byte data after the end of... • https://kb.cert.org/vuls/id/782720 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2023-1018 – TPM2.0 vulnerable to out-of-bounds read
https://notcve.org/view.php?id=CVE-2023-1018
28 Feb 2023 — An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. An out-of-bound read vulnerability was found in the TPM 2.0's Module Library, which allows the reading of 2-byte data after the end of the TPM command. This flaw allows an attacker to leak confidential data stored within the libtpms... • https://kb.cert.org/vuls/id/782720 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 45%CPEs: 28EXPL: 1CVE-2023-21823 – Microsoft Windows Graphic Component Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-21823
14 Feb 2023 — Windows Graphics Component Remote Code Execution Vulnerability Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/Elizarfish/CVE-2023-21823 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-23376 – Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-23376
14 Feb 2023 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23376 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21702 – Windows iSCSI Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21702
14 Feb 2023 — Windows iSCSI Service Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21702 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21701 – Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21701
14 Feb 2023 — Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21701 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21700 – Windows iSCSI Discovery Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21700
14 Feb 2023 — Windows iSCSI Discovery Service Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21700 • CWE-476: NULL Pointer Dereference •