CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2023-21804 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21804
14 Feb 2023 — Windows Graphics Component Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21804 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2023-21803 – Windows iSCSI Discovery Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21803
14 Feb 2023 — Windows iSCSI Discovery Service Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21803 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21802 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21802
14 Feb 2023 — Windows Media Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of color conversion. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21802 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21801 – Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21801
14 Feb 2023 — Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21801 •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2023-21558 – Windows Error Reporting Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21558
10 Jan 2023 — Windows Error Reporting Service Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del servicio de informes de errores de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21558 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 43%CPEs: 21EXPL: 1CVE-2023-21746 – Windows NTLM Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21746
10 Jan 2023 — Windows NTLM Elevation of Privilege Vulnerability • https://github.com/Muhammad-Ali007/LocalPotato_CVE-2023-21746 •
CVSS: 7.1EPSS: 42%CPEs: 13EXPL: 3CVE-2023-21752 – Windows Backup Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21752
10 Jan 2023 — Windows Backup Service Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del servicio de copia de seguridad de Windows • https://www.exploit-db.com/exploits/51203 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21753 – Event Tracing for Windows Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21753
10 Jan 2023 — Event Tracing for Windows Information Disclosure Vulnerability Seguimiento de eventos para la vulnerabilidad de divulgación de información de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21753 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 5%CPEs: 22EXPL: 0CVE-2023-21757 – Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21757
10 Jan 2023 — Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del protocolo de túnel de capa 2 de Windows (L2TP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21757 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 55%CPEs: 15EXPL: 0CVE-2023-21758 – Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21758
10 Jan 2023 — Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de extensión de intercambio de claves de Internet (IKE) de Windows This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IKEEXT service, which listens on UDP ports 500 and 4500. A crafted Vendor ID payload can cause a ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21758 • CWE-476: NULL Pointer Dereference •