CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-1017 – TPM2.0 vulnerable to out-of-bounds write
https://notcve.org/view.php?id=CVE-2023-1017
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. An out-of-bounds write vulnerability was found in the TPM 2.0's Module Library, which allows the writing of 2-byte data after the end of the TPM command. This flaw may lead to a denial of service or arbitrary code execution within the libtpms scope. • https://kb.cert.org/vuls/id/782720 https://trustedcomputinggroup.org/about/security https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf https://access.redhat.com/security/cve/CVE-2023-1017 https://bugzilla.redhat.com/show_bug.cgi?id=2149416 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2023-1018 – TPM2.0 vulnerable to out-of-bounds read
https://notcve.org/view.php?id=CVE-2023-1018
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. An out-of-bound read vulnerability was found in the TPM 2.0's Module Library, which allows the reading of 2-byte data after the end of the TPM command. This flaw allows an attacker to leak confidential data stored within the libtpms context. • https://kb.cert.org/vuls/id/782720 https://trustedcomputinggroup.org/about/security https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf https://access.redhat.com/security/cve/CVE-2023-1018 https://bugzilla.redhat.com/show_bug.cgi?id=2149420 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 1CVE-2023-21674 – Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-21674
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de llamada a procedimiento local avanzado (ALPC) de Windows. Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/hd3s5aa/CVE-2023-21674 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674 • CWE-416: Use After Free •
CVSS: 5.4EPSS: 2%CPEs: 10EXPL: 0CVE-2022-44698 – Microsoft Defender SmartScreen Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-44698
Windows SmartScreen Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad SmartScreen de Windows Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44698 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.8EPSS: 56%CPEs: 18EXPL: 0CVE-2022-41128 – Microsoft Windows Scripting Languages Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41128
Windows Scripting Languages Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en Windows Scripting Languages Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41128 • CWE-787: Out-of-bounds Write •