‼ CVE-2023-36592 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Message Queuing Remote Code Execution Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36435 ‼
📖 Read
via "National Vulnerability Database".
Microsoft QUIC Denial of Service Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36417 ‼
📖 Read
via "National Vulnerability Database".
Microsoft SQL ODBC Driver Remote Code Execution Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36415 ‼
📖 Read
via "National Vulnerability Database".
Azure Identity SDK Remote Code Execution Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36429 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36564 ‼
📖 Read
via "National Vulnerability Database".
Windows Search Security Feature Bypass Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36561 ‼
📖 Read
via "National Vulnerability Database".
Azure DevOps Server Elevation of Privilege Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36419 ‼
📖 Read
via "National Vulnerability Database".
Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36789 ‼
📖 Read
via "National Vulnerability Database".
Skype for Business Remote Code Execution Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36717 ‼
📖 Read
via "National Vulnerability Database".
Windows Virtual Trusted Platform Module Denial of Service Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31096 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36585 ‼
📖 Read
via "National Vulnerability Database".
Active Template Library Denial of Service Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36596 ‼
📖 Read
via "National Vulnerability Database".
Remote Procedure Call Information Disclosure Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36563 ‼
📖 Read
via "National Vulnerability Database".
Microsoft WordPad Information Disclosure Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-29348 ‼
📖 Read
via "National Vulnerability Database".
Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36720 ‼
📖 Read
via "National Vulnerability Database".
Windows Mixed Reality Developer Tools Denial of Service Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36578 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Message Queuing Remote Code Execution Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36584 ‼
📖 Read
via "National Vulnerability Database".
Windows Mark of the Web Security Feature Bypass Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36709 ‼
📖 Read
via "National Vulnerability Database".
Microsoft AllJoyn API Denial of Service Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36605 ‼
📖 Read
via "National Vulnerability Database".
Windows Named Pipe Filesystem Elevation of Privilege Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36698 ‼
📖 Read
via "National Vulnerability Database".
Windows Kernel Security Feature Bypass Vulnerability📖 Read
via "National Vulnerability Database".