CVSS: 7.5EPSS: 7%CPEs: 15EXPL: 7CVE-2023-36884 – Microsoft Windows Search Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36884
Windows Search Remote Code Execution Vulnerability Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution. • https://github.com/jakabakos/CVE-2023-36884-MS-Office-HTML-RCE https://github.com/Maxwitat/CVE-2023-36884-Scripts-for-Intune-Remediation-SCCM-Compliance-Baseline https://github.com/tarraschk/CVE-2023-36884-Checker https://github.com/zerosorai/CVE-2023-36884 https://github.com/raresteak/CVE-2023-36884 https://github.com/ridsoliveira/Fix-CVE-2023-36884 https://github.com/ToddMaxey/CVE-2023-36884 http://seclists.org/fulldisclosure/2023/Jul/43 https://msrc.microsoft.com/update-guide/vulner • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-36871 – Azure Active Directory Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-36871
Azure Active Directory Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36871 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2023-35312 – Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35312
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35312 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 0CVE-2023-35309 – Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35309
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35309 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-35308 – Windows MSHTML Platform Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-35308
Windows MSHTML Platform Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35308 • CWE-73: External Control of File Name or Path •