CVE-2023-36884 – Microsoft Windows Search Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36884
Windows Search Remote Code Execution Vulnerability Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution. • https://github.com/jakabakos/CVE-2023-36884-MS-Office-HTML-RCE https://github.com/Maxwitat/CVE-2023-36884-Scripts-for-Intune-Remediation-SCCM-Compliance-Baseline https://github.com/tarraschk/CVE-2023-36884-Checker https://github.com/zerosorai/CVE-2023-36884 https://github.com/raresteak/CVE-2023-36884 https://github.com/ridsoliveira/Fix-CVE-2023-36884 https://github.com/ToddMaxey/CVE-2023-36884 http://seclists.org/fulldisclosure/2023/Jul/43 https://msrc.microsoft.com/update-guide/vulner • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2021-42287 – Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42287
Active Directory Domain Services Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Active Directory Domain Services. Este ID de CVE es diferente de CVE-2021-42278, CVE-2021-42282, CVE-2021-42291 Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42287 •