Page 91 of 3633 results (0.010 seconds)

CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0

Windows Installer Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Windows Installer service. By creating a junction, an attacker can abuse the service to change permissions on an arbitrary file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32050 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

Windows MSHTML Platform Elevation of Privilege Vulnerability Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation. • http://seclists.org/fulldisclosure/2023/Jul/43 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32046 •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

Microsoft Message Queuing Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32045 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

Microsoft Message Queuing Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32044 • CWE-125: Out-of-bounds Read •

CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0

Windows Remote Desktop Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32043 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •