CVSS: 8.1EPSS: 0%CPEs: 31EXPL: 0CVE-2023-21679 – Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21679
10 Jan 2023 — Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del protocolo de túnel de capa 2 de Windows (L2TP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21679 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2023-21558 – Windows Error Reporting Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21558
10 Jan 2023 — Windows Error Reporting Service Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del servicio de informes de errores de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21558 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2023-21561 – Microsoft Cryptographic Services Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21561
10 Jan 2023 — Microsoft Cryptographic Services Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de los servicios criptográficos de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21561 • CWE-190: Integer Overflow or Wraparound CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-21542 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21542
10 Jan 2023 — Windows Installer Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del instalador de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. By creating a junction, an attacker can abuse the service to create files in a... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21542 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-269: Improper Privilege Management CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 0%CPEs: 31EXPL: 0CVE-2023-21681 – Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21681
10 Jan 2023 — Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Proveedor Microsoft WDAC OLE DB para la vulnerabilidad de ejecución remota de código de SQL Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21681 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2023-21730 – Microsoft Cryptographic Services Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21730
10 Jan 2023 — Microsoft Cryptographic Services Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Cryptographic Services • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21730 • CWE-190: Integer Overflow or Wraparound CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 1CVE-2023-21747 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21747
10 Jan 2023 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows The Microsoft Windows kernel suffers from a use-after-free vulnerability due to a dangling registry link node under paged pool memory pressure. • https://packetstorm.news/files/id/170933 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 10%CPEs: 13EXPL: 1CVE-2023-21674 – Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-21674
10 Jan 2023 — Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de llamada a procedimiento local avanzado (ALPC) de Windows. Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/hd3s5aa/CVE-2023-21674 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 1CVE-2023-21537 – Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21537
10 Jan 2023 — Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Message Queuing (MSMQ) • https://github.com/stevenjoezhang/CVE-2023-21537 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.0EPSS: 0%CPEs: 17EXPL: 1CVE-2023-21739 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21739
10 Jan 2023 — Windows Bluetooth Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador Bluetooth de Windows • https://github.com/gmh5225/CVE-2023-21739 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •