Lucene search
K

113 matches found

CVE
CVE
added 2023/10/10 5:7 p.m.411 views

CVE-2023-36589

The CVE-2023-36589 entry corresponds to a Microsoft Message Queuing (MSMQ) Remote Code Execution vulnerability. Public records in connected documents confirm MSMQ is the affected component, with a local attack vector and user interaction required. The CVSS 3.1 base metrics (AV:L, AC:L, PR:L, UI:R...

7.3CVSS8.4AI score0.00967EPSS
CVE
CVE
added 2023/10/10 5:7 p.m.400 views

CVE-2023-36591

Technical details (affected product versions, root cause, exploit information) are not publicly available in the provided documents; monitor for updates from official advisories and vendor advisories.

7.3CVSS8.4AI score0.00921EPSS
CVE
CVE
added 2023/10/10 5:7 p.m.398 views

CVE-2023-36590

Technical details about CVE-2023-36590 (affected MSMQ RCE) are not publicly provided in the supplied connected documents. Please monitor for updates from official advisories and vulnerability databases for affected products, vulnerable components, impact, and fixes.

7.3CVSS8.4AI score0.00977EPSS
CVE
CVE
added 2023/10/10 5:7 p.m.397 views

CVE-2023-36697

Technical details about CVE-2023-36697 are not publicly available in the provided documents; monitor for updates.

8CVSS8.1AI score0.02133EPSS
CVE
CVE
added 2023/10/10 5:7 p.m.393 views

CVE-2023-36592

CVE-2023-36592 concerns Microsoft Message Queuing (MSMQ) Remote Code Execution. Connected CNVD-2023-84129 notes a remote code execution vulnerability in MSMQ. The CVSS metrics in the Initial document indicate Local attack vector, Low privileges required, User interaction, and high impact across c...

7.3CVSS8.4AI score0.00967EPSS
CVE
CVE
added 2023/10/10 5:7 p.m.389 views

CVE-2023-36581

CVE-2023-36581 corresponds to a Denial of Service vulnerability in Microsoft Message Queuing (MSMQ). Public records in the connected CNVD entry describe a MSMQ DoS issue, but the available documents do not provide concrete technical details such as affected versions, root cause, specific exploit ...

7.5CVSS8.4AI score0.02395EPSS
CVE
CVE
added 2023/10/10 5:7 p.m.389 views

CVE-2023-36593

Technical details for CVE-2023-36593 are not publicly provided in the supplied documents. Monitor for updates from official advisories (MSRC/NVD) to obtain affected products, impact, and fixes.

7.8CVSS8.4AI score0.00987EPSS
CVE
CVE
added 2023/10/10 5:7 p.m.389 views

CVE-2023-36606

Technical details for CVE-2023-36606 are not publicly available in the provided documents. Monitor for updates from vendor/security advisories.

7.5CVSS8.4AI score0.67246EPSS
CVE
CVE
added 2023/10/10 5:7 p.m.378 views

CVE-2023-36582

Technical details about CVE-2023-36582 are not publicly available in the provided connected documents. Monitor for updates from official advisories.

7.3CVSS8.4AI score0.00977EPSS
CVE
CVE
added 2022/03/09 5:7 p.m.376 views

CVE-2022-24503

CVE-2022-24503 is a Remote Desktop Protocol Client Information Disclosure vulnerability. Connected sources indicate it affects Windows Remote Desktop Client and can be triggered over the network with no authentication and no user interaction, exposing partial confidentiality (C:L). The issue is t...

5.4CVSS6.6AI score0.02215EPSS
CVE
CVE
added 2023/10/10 5:7 p.m.374 views

CVE-2023-36583

CVE-2023-36583 is a Microsoft Message Queuing (MSMQ) Remote Code Execution vulnerability. The NVD entry lists a CVSS v3.1 base score of 7.3 (HIGH) with LOCAL attack vector, LOW attack complexity, LOW privileges required, user interaction needed, and a scope of UNCHANGED. The impact is HIGH on con...

7.3CVSS8.4AI score0.00977EPSS
CVE
CVE
added 2022/03/09 5:8 p.m.306 views

CVE-2022-24505

CVE-2022-24505 is a Windows ALPC Elevation of Privilege vulnerability. The connected sources confirm a local privilege escalation in the Windows ALPC mechanism, enabling an attacker with local access to obtain high/ SYSTEM-like privileges. The NVD/CVSS data show a CVSS 3.1 base score of 7.0 (HIGH...

7CVSS7.6AI score0.00337EPSS
CVE
CVE
added 2023/04/27 6:48 p.m.198 views

CVE-2023-21712

CVE-2023-21712 describes a Windows PPTP/RAS Remote Code Execution vulnerability. A race condition in the Point-to-Point Tunneling Protocol could allow unauthenticated, network-based attackers to execute arbitrary code in the RAS environment. The issue affects Windows Remote Access Service compone...

8.1CVSS8.2AI score0.00993EPSS
CVE
CVE
added 2023/08/08 5:8 p.m.198 views

CVE-2023-36903

No technical details for CVE-2023-36903 are provided in the supplied documents; only the vulnerability title is present. Monitor for updates.

9.8CVSS8.6AI score0.01588EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.185 views

CVE-2023-21817

The provided documents do not contain technical details about CVE-2023-21817 (affected product/component, root cause, impact, or remediation). Technical specifics are not publicly available here. Monitor for updates and authoritative disclosures.

7.8CVSS7.7AI score0.00778EPSS
CVE
CVE
added 2022/03/09 5:7 p.m.177 views

CVE-2022-24502

Technical details about CVE-2022-24502 are not provided in the supplied documents. The provided materials do not include affected products/versions/root cause/fix information. Monitor for updates.

6.5CVSS6.1AI score0.32391EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.173 views

CVE-2023-24859

CVE-2023-24859 is a Windows vulnerability described as a denial-of-service issue in the Windows Internet Key Exchange (IKE) extension. The available data identifies the affected component as the IKE extension and notes impact as availability degradation (DoS) with network attack vector and no use...

7.5CVSS7.4AI score0.01654EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.168 views

CVE-2023-21812

CVE-2023-21812 is a Windows vulnerability in the Common Log File System Driver (CLFS) that enables Elevation of Privilege. The NVD entry lists a CVSS v3.1 base score of 7.8 (HIGH) with LOCAL attack vector, LOW attack complexity, LOW privileges required, and no user interaction; impact is HIGH on ...

7.8CVSS7.6AI score0.03566EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.167 views

CVE-2023-23420

CVE-2023-23420 is a Windows Registry hive memory corruption bug (UAF) tied to transacted key rename. The exploit plan targets the HKCU hive (volatile storage) via a lightweight or KTM transaction sequence that renames a key, then frees keys in a transaction, producing a layout where freed cells c...

7.8CVSS7.6AI score0.00749EPSS
CVE
CVE
added 2017/06/15 1:0 a.m.163 views

CVE-2017-0283

CVE-2017-0283 is described in the connected MSKB as a remote code execution vulnerability in Microsoft Office components that could be triggered by opening a specially crafted Office file. The MSKB describes a security update KB3191937 for Skype for Business 2015 (Lync 2013) that addresses CVE-20...

9.3CVSS6.4AI score0.39019EPSS
CVE
CVE
added 2023/08/08 5:8 p.m.161 views

CVE-2023-36910

CVE-2023-36910 is a remote code execution vulnerability in Microsoft Message Queuing (MSMQ) that can be exploited remotely on affected Windows platforms (Windows 10/11 and Windows Server 2008–2022) without user interaction. The issue is formally described as MSMQ RCE with a high severity rating (...

9.8CVSS9.6AI score0.02352EPSS
CVE
CVE
added 2023/08/08 5:8 p.m.160 views

CVE-2023-36911

CVE-2023-36911 is a remote code execution vulnerability in Microsoft Message Queuing (MSMQ). The connected NVD entry lists a critical CVSS v3.1 score of 9.8 (Network vector, no privileges required, no user interaction) with high impact on confidentiality, integrity, and availability. Public techn...

9.8CVSS9.6AI score0.01645EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.155 views

CVE-2023-21805

Technical details about CVE-2023-21805 are not publicly provided in the supplied documents. Monitor for updates.

7.8CVSS7.8AI score0.00737EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.155 views

CVE-2023-24858

CVE-2023-24858 concerns an information-disclosure vulnerability in Microsoft’s PostScript and PCL6 Class Printer Driver. The issue, affecting the printer driver component, exposes confidential data via the affected driver surfaces. CVSS metrics from NVD indicate network vector, high confidentiali...

7.5CVSS7.2AI score0.01425EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.153 views

CVE-2023-23423

CVE-2023-23423 is a Windows Kernel Elevation of Privilege vulnerability tied to hive memory corruption in the Windows Registry (HKCU/HKLM hives). The connected Project Zero analysis provides concrete exploitation details: a memory-corruption primitive in hive data can be combined with a crafted o...

7.8CVSS7.6AI score0.00596EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.151 views

CVE-2023-21822

Technical details for CVE-2023-21822 are not publicly available in the provided documents. Monitor for updates.

7.8CVSS7.7AI score0.00764EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.151 views

CVE-2023-23422

CVE-2023-23422 is a Windows kernel elevation-of-privilege vulnerability described in the Registry hive memory‑corruption research. The exposed flaw is a local, kernel‑level issue where memory corruption in a registry hive (notably HKCU) can be triggered to craft an out‑of‑bounds cell index that r...

7.8CVSS7.6AI score0.00596EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.150 views

CVE-2017-0158

CVE-2017-0158 is a Windows scripting engine memory corruption vulnerability. The issue arises from improper handling/sanitization of in-memory handles in the Scripting Engine, enabling remote code execution when a user visits a malicious site or opens a crafted document. Affected platforms includ...

7.6CVSS7.5AI score0.12558EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.150 views

CVE-2023-21803

CVE-2023-21803 corresponds to a Windows iSCSI Discovery Service Remote Code Execution vulnerability. The available data shows a critical 9.8 CVSSv3.1 score with network attack vector , no privileges required , and no user interaction ; impact is shown as High for confidentiality, integrity, and a...

9.8CVSS9.6AI score0.01765EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.149 views

CVE-2023-21813

Technical details on CVE-2023-21813 are not provided in the furnished documents; no affected products, exploit info, or fixes are described here. Monitor for updates from official advisories.

7.5CVSS7.4AI score0.01654EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.148 views

CVE-2023-24856

Technical details about CVE-2023-24856 are not publicly available in the provided connected documents. The entry lacks affected products/versions or exploit information. Monitor for updates from official sources to obtain concrete details, impact, and remediation.

7.5CVSS7.2AI score0.01495EPSS
CVE
CVE
added 2023/08/08 5:8 p.m.148 views

CVE-2023-36906

Technical details for CVE-2023-36906 are not publicly provided in the supplied documents. No affected products, root cause, or fixes are confirmed here. Monitor for updates.

7.5CVSS7AI score0.01963EPSS
CVE
CVE
added 2023/08/08 5:8 p.m.144 views

CVE-2023-36900

CVE-2023-36900 affects the Windows Common Log File System (CLFS) driver, enabling Elevation of Privilege via an integer overflow/wraparound vulnerability. The connected exploit repository documents a PoC labeled as an exploit for an Integer Overflow or Wraparound in Microsoft CLFS, with a Denial-...

7.8CVSS8.6AI score0.12053EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.142 views

CVE-2023-21818

Technical details for CVE-2023-21818 are not publicly provided in the supplied documents. The available sources reference the CVE within larger Windows vulnerability lists but do not disclose affected products, root cause, impact, or fixes.

7.5CVSS7.4AI score0.43172EPSS
CVE
CVE
added 2023/03/14 4:55 p.m.142 views

CVE-2023-23421

CVE-2023-23421 is part of a family of hive-memory-corruption bugs in the Windows Registry (kernel) that enable local privilege escalation. The connected analysis shows an attacker-controlled hive memory‑corruption primitive (e.g., UAF in a registry key or related hive data) that can be exploited ...

7.8CVSS7.6AI score0.00674EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.141 views

CVE-2023-21802

Technical details (affected product/component/versions/root cause and fixes) for CVE-2023-21802 are not publicly available in the provided documents. Monitor for updates from official CVE/NVD/KB sources.

7.8CVSS7.8AI score0.00642EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.140 views

CVE-2017-0211

CVE-2017-0211 is a Windows OLE/COM elevation-of-privilege issue where a Structured Storage object can be exposed across a security boundary via a property bag, enabling creation of a remote COM object in the server process and potential privilege escalation. Google Project Zero details show how I...

5.5CVSS6.4AI score0.13975EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.138 views

CVE-2023-21804

Technical details about CVE-2023-21804 are not publicly available in the provided documents. Monitor for updates from Microsoft and related CVE references to obtain affected products, impact, and remediation.

7.8CVSS7.7AI score0.00422EPSS
CVE
CVE
added 2023/08/08 5:8 p.m.135 views

CVE-2023-36909

Technical details for CVE-2023-36909 are not publicly provided in the supplied documents. No affected products, root cause, or remediation details are present here. Monitor for updates.

6.5CVSS7.7AI score0.01855EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.132 views

CVE-2017-0181

CVE-2017-0181 affects the Windows Hyper-V Network Switch on Windows 10/Windows Server 2016 hosts. The vulnerability is a remote code execution caused by improper validation of input from the guest OS, requiring an authenticated user on the guest. Connected sources confirm Hyper-V input validation...

7.6CVSS7.8AI score0.03147EPSS
CVE
CVE
added 2018/04/12 1:0 a.m.132 views

CVE-2018-0971

CVE-2018-0971 is an information-disclosure vulnerability in the Windows kernel that could enable an attacker to bypass Kernel ASLR. The Initial description lists affected Windows versions (multiple client/server editions). Connected documents show exploitation references: CIRCL entries for CVE-20...

5.5CVSS5AI score0.0358EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.132 views

CVE-2023-21694

Technical details about CVE-2023-21694 are not publicly provided in the supplied documents. The connected records do not specify affected products, root cause, remediation, or exploit status. Monitor for official disclosures and updates.

6.8CVSS7AI score0.00558EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.132 views

CVE-2023-21695

Technical details about CVE-2023-21695 are not publicly available in the provided documents. Monitor for updates from official sources; no concrete exploit/vector/impact details are provided here.

8.8CVSS8.2AI score0.01048EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.132 views

CVE-2023-21801

CVE-2023-21801 affects Microsoft PostScript and PCL6 Class Printer Driver and is described as a Remote Code Execution vulnerability. Connected documents confirm the vulnerability exists in these printer drivers but do not provide concrete details on affected product versions, root cause specifics...

7.8CVSS7.8AI score0.00406EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.132 views

CVE-2023-21816

No concrete technical details about CVE-2023-21816 are present in the connected documents. The initial description only notes a Windows AD DS DoS. Monitor official advisories and vendor updates for remediation, affected versions, impact, and patch information.

7.5CVSS7.4AI score0.01735EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.132 views

CVE-2023-21820

Technical details (affected product/version, root cause, impact, or fix) are not publicly available in the provided documents. Monitor for updates.

7.4CVSS7.6AI score0.00632EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.127 views

CVE-2023-21693

Technical details about CVE-2023-21693 are not publicly provided in the supplied connected documents. No specifics on affected products, root cause, or remediation are included here. Monitor for updates from official sources.

5.7CVSS5.5AI score0.01381EPSS
CVE
CVE
added 2023/02/14 7:33 p.m.125 views

CVE-2023-21700

Technical details for CVE-2023-21700 are not publicly available in the provided documents. No concrete affected products, root cause, or remediation are confirmed here. Monitor official sources for updates and published fixes.

7.5CVSS7.5AI score0.01654EPSS
CVE
CVE
added 2016/05/11 1:0 a.m.123 views

CVE-2016-0174

CVE-2016-0174 describes a local privilege escalation in Windows kernel-mode drivers (Win32k) affecting multiple Windows family versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8.1, Server 2012, RT 8.1, and Windows 10 1511/Gold). The vulnerability allows a locally authenticated attacker to gain hig...

7.8CVSS7.5AI score0.02485EPSS
CVE
CVE
added 2018/04/12 1:0 a.m.123 views

CVE-2018-0974

CVE-2018-0974 is a Windows kernel information disclosure vulnerability that could enable an attacker to obtain information facilitating a Kernel ASLR bypass. Affected are Windows client and server families including Windows 7, Server 2008/2008 R2, 8.1, 10 (and Server equivalents). The vulnerabili...

5.5CVSS5AI score0.0358EPSS
Total number of security vulnerabilities113