Windows 10 21H2 Security Vulnerabilities - 2023

CVE-2023-38161

Windows GDI Elevation of Privilege Vulnerability

CVE-2023-38166

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-38172

Microsoft Message Queuing Denial of Service Vulnerability

CVE-2023-38184

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2023-38186

Windows Mobile Device Management Elevation of Privilege Vulnerability

CVE-2023-38254

Microsoft Message Queuing Denial of Service Vulnerability

CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxyhandshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allowthat to resolve the address instead of it getting done by curl itself, themaximum length that host name can be is 255 bytes. If the host name is...

CVE-2023-41765

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41766

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

CVE-2023-41767

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41768

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41769

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41770

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41771

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41772

Win32k Elevation of Privilege Vulnerability

CVE-2023-41773

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-41774

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.