113 matches found
CVE-2023-36589
The CVE-2023-36589 entry corresponds to a Microsoft Message Queuing (MSMQ) Remote Code Execution vulnerability. Public records in connected documents confirm MSMQ is the affected component, with a local attack vector and user interaction required. The CVSS 3.1 base metrics (AV:L, AC:L, PR:L, UI:R...
CVE-2023-36591
Technical details (affected product versions, root cause, exploit information) are not publicly available in the provided documents; monitor for updates from official advisories and vendor advisories.
CVE-2023-36590
Technical details about CVE-2023-36590 (affected MSMQ RCE) are not publicly provided in the supplied connected documents. Please monitor for updates from official advisories and vulnerability databases for affected products, vulnerable components, impact, and fixes.
CVE-2023-36697
Technical details about CVE-2023-36697 are not publicly available in the provided documents; monitor for updates.
CVE-2023-36592
CVE-2023-36592 concerns Microsoft Message Queuing (MSMQ) Remote Code Execution. Connected CNVD-2023-84129 notes a remote code execution vulnerability in MSMQ. The CVSS metrics in the Initial document indicate Local attack vector, Low privileges required, User interaction, and high impact across c...
CVE-2023-36581
CVE-2023-36581 corresponds to a Denial of Service vulnerability in Microsoft Message Queuing (MSMQ). Public records in the connected CNVD entry describe a MSMQ DoS issue, but the available documents do not provide concrete technical details such as affected versions, root cause, specific exploit ...
CVE-2023-36593
Technical details for CVE-2023-36593 are not publicly provided in the supplied documents. Monitor for updates from official advisories (MSRC/NVD) to obtain affected products, impact, and fixes.
CVE-2023-36606
Technical details for CVE-2023-36606 are not publicly available in the provided documents. Monitor for updates from vendor/security advisories.
CVE-2023-36582
Technical details about CVE-2023-36582 are not publicly available in the provided connected documents. Monitor for updates from official advisories.
CVE-2022-24503
CVE-2022-24503 is a Remote Desktop Protocol Client Information Disclosure vulnerability. Connected sources indicate it affects Windows Remote Desktop Client and can be triggered over the network with no authentication and no user interaction, exposing partial confidentiality (C:L). The issue is t...
CVE-2023-36583
CVE-2023-36583 is a Microsoft Message Queuing (MSMQ) Remote Code Execution vulnerability. The NVD entry lists a CVSS v3.1 base score of 7.3 (HIGH) with LOCAL attack vector, LOW attack complexity, LOW privileges required, user interaction needed, and a scope of UNCHANGED. The impact is HIGH on con...
CVE-2022-24505
CVE-2022-24505 is a Windows ALPC Elevation of Privilege vulnerability. The connected sources confirm a local privilege escalation in the Windows ALPC mechanism, enabling an attacker with local access to obtain high/ SYSTEM-like privileges. The NVD/CVSS data show a CVSS 3.1 base score of 7.0 (HIGH...
CVE-2023-21712
CVE-2023-21712 describes a Windows PPTP/RAS Remote Code Execution vulnerability. A race condition in the Point-to-Point Tunneling Protocol could allow unauthenticated, network-based attackers to execute arbitrary code in the RAS environment. The issue affects Windows Remote Access Service compone...
CVE-2023-36903
No technical details for CVE-2023-36903 are provided in the supplied documents; only the vulnerability title is present. Monitor for updates.
CVE-2023-21817
The provided documents do not contain technical details about CVE-2023-21817 (affected product/component, root cause, impact, or remediation). Technical specifics are not publicly available here. Monitor for updates and authoritative disclosures.
CVE-2022-24502
Technical details about CVE-2022-24502 are not provided in the supplied documents. The provided materials do not include affected products/versions/root cause/fix information. Monitor for updates.
CVE-2023-24859
CVE-2023-24859 is a Windows vulnerability described as a denial-of-service issue in the Windows Internet Key Exchange (IKE) extension. The available data identifies the affected component as the IKE extension and notes impact as availability degradation (DoS) with network attack vector and no use...
CVE-2023-21812
CVE-2023-21812 is a Windows vulnerability in the Common Log File System Driver (CLFS) that enables Elevation of Privilege. The NVD entry lists a CVSS v3.1 base score of 7.8 (HIGH) with LOCAL attack vector, LOW attack complexity, LOW privileges required, and no user interaction; impact is HIGH on ...
CVE-2023-23420
CVE-2023-23420 is a Windows Registry hive memory corruption bug (UAF) tied to transacted key rename. The exploit plan targets the HKCU hive (volatile storage) via a lightweight or KTM transaction sequence that renames a key, then frees keys in a transaction, producing a layout where freed cells c...
CVE-2017-0283
CVE-2017-0283 is described in the connected MSKB as a remote code execution vulnerability in Microsoft Office components that could be triggered by opening a specially crafted Office file. The MSKB describes a security update KB3191937 for Skype for Business 2015 (Lync 2013) that addresses CVE-20...
CVE-2023-36910
CVE-2023-36910 is a remote code execution vulnerability in Microsoft Message Queuing (MSMQ) that can be exploited remotely on affected Windows platforms (Windows 10/11 and Windows Server 2008–2022) without user interaction. The issue is formally described as MSMQ RCE with a high severity rating (...
CVE-2023-36911
CVE-2023-36911 is a remote code execution vulnerability in Microsoft Message Queuing (MSMQ). The connected NVD entry lists a critical CVSS v3.1 score of 9.8 (Network vector, no privileges required, no user interaction) with high impact on confidentiality, integrity, and availability. Public techn...
CVE-2023-21805
Technical details about CVE-2023-21805 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2023-24858
CVE-2023-24858 concerns an information-disclosure vulnerability in Microsoft’s PostScript and PCL6 Class Printer Driver. The issue, affecting the printer driver component, exposes confidential data via the affected driver surfaces. CVSS metrics from NVD indicate network vector, high confidentiali...
CVE-2023-23423
CVE-2023-23423 is a Windows Kernel Elevation of Privilege vulnerability tied to hive memory corruption in the Windows Registry (HKCU/HKLM hives). The connected Project Zero analysis provides concrete exploitation details: a memory-corruption primitive in hive data can be combined with a crafted o...
CVE-2023-21822
Technical details for CVE-2023-21822 are not publicly available in the provided documents. Monitor for updates.
CVE-2023-23422
CVE-2023-23422 is a Windows kernel elevation-of-privilege vulnerability described in the Registry hive memory‑corruption research. The exposed flaw is a local, kernel‑level issue where memory corruption in a registry hive (notably HKCU) can be triggered to craft an out‑of‑bounds cell index that r...
CVE-2017-0158
CVE-2017-0158 is a Windows scripting engine memory corruption vulnerability. The issue arises from improper handling/sanitization of in-memory handles in the Scripting Engine, enabling remote code execution when a user visits a malicious site or opens a crafted document. Affected platforms includ...
CVE-2023-21803
CVE-2023-21803 corresponds to a Windows iSCSI Discovery Service Remote Code Execution vulnerability. The available data shows a critical 9.8 CVSSv3.1 score with network attack vector , no privileges required , and no user interaction ; impact is shown as High for confidentiality, integrity, and a...
CVE-2023-21813
Technical details on CVE-2023-21813 are not provided in the furnished documents; no affected products, exploit info, or fixes are described here. Monitor for updates from official advisories.
CVE-2023-24856
Technical details about CVE-2023-24856 are not publicly available in the provided connected documents. The entry lacks affected products/versions or exploit information. Monitor for updates from official sources to obtain concrete details, impact, and remediation.
CVE-2023-36906
Technical details for CVE-2023-36906 are not publicly provided in the supplied documents. No affected products, root cause, or fixes are confirmed here. Monitor for updates.
CVE-2023-36900
CVE-2023-36900 affects the Windows Common Log File System (CLFS) driver, enabling Elevation of Privilege via an integer overflow/wraparound vulnerability. The connected exploit repository documents a PoC labeled as an exploit for an Integer Overflow or Wraparound in Microsoft CLFS, with a Denial-...
CVE-2023-21818
Technical details for CVE-2023-21818 are not publicly provided in the supplied documents. The available sources reference the CVE within larger Windows vulnerability lists but do not disclose affected products, root cause, impact, or fixes.
CVE-2023-23421
CVE-2023-23421 is part of a family of hive-memory-corruption bugs in the Windows Registry (kernel) that enable local privilege escalation. The connected analysis shows an attacker-controlled hive memory‑corruption primitive (e.g., UAF in a registry key or related hive data) that can be exploited ...
CVE-2023-21802
Technical details (affected product/component/versions/root cause and fixes) for CVE-2023-21802 are not publicly available in the provided documents. Monitor for updates from official CVE/NVD/KB sources.
CVE-2017-0211
CVE-2017-0211 is a Windows OLE/COM elevation-of-privilege issue where a Structured Storage object can be exposed across a security boundary via a property bag, enabling creation of a remote COM object in the server process and potential privilege escalation. Google Project Zero details show how I...
CVE-2023-21804
Technical details about CVE-2023-21804 are not publicly available in the provided documents. Monitor for updates from Microsoft and related CVE references to obtain affected products, impact, and remediation.
CVE-2023-36909
Technical details for CVE-2023-36909 are not publicly provided in the supplied documents. No affected products, root cause, or remediation details are present here. Monitor for updates.
CVE-2017-0181
CVE-2017-0181 affects the Windows Hyper-V Network Switch on Windows 10/Windows Server 2016 hosts. The vulnerability is a remote code execution caused by improper validation of input from the guest OS, requiring an authenticated user on the guest. Connected sources confirm Hyper-V input validation...
CVE-2018-0971
CVE-2018-0971 is an information-disclosure vulnerability in the Windows kernel that could enable an attacker to bypass Kernel ASLR. The Initial description lists affected Windows versions (multiple client/server editions). Connected documents show exploitation references: CIRCL entries for CVE-20...
CVE-2023-21694
Technical details about CVE-2023-21694 are not publicly provided in the supplied documents. The connected records do not specify affected products, root cause, remediation, or exploit status. Monitor for official disclosures and updates.
CVE-2023-21695
Technical details about CVE-2023-21695 are not publicly available in the provided documents. Monitor for updates from official sources; no concrete exploit/vector/impact details are provided here.
CVE-2023-21801
CVE-2023-21801 affects Microsoft PostScript and PCL6 Class Printer Driver and is described as a Remote Code Execution vulnerability. Connected documents confirm the vulnerability exists in these printer drivers but do not provide concrete details on affected product versions, root cause specifics...
CVE-2023-21816
No concrete technical details about CVE-2023-21816 are present in the connected documents. The initial description only notes a Windows AD DS DoS. Monitor official advisories and vendor updates for remediation, affected versions, impact, and patch information.
CVE-2023-21820
Technical details (affected product/version, root cause, impact, or fix) are not publicly available in the provided documents. Monitor for updates.
CVE-2023-21693
Technical details about CVE-2023-21693 are not publicly provided in the supplied connected documents. No specifics on affected products, root cause, or remediation are included here. Monitor for updates from official sources.
CVE-2023-21700
Technical details for CVE-2023-21700 are not publicly available in the provided documents. No concrete affected products, root cause, or remediation are confirmed here. Monitor official sources for updates and published fixes.
CVE-2016-0174
CVE-2016-0174 describes a local privilege escalation in Windows kernel-mode drivers (Win32k) affecting multiple Windows family versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8.1, Server 2012, RT 8.1, and Windows 10 1511/Gold). The vulnerability allows a locally authenticated attacker to gain hig...
CVE-2018-0974
CVE-2018-0974 is a Windows kernel information disclosure vulnerability that could enable an attacker to obtain information facilitating a Kernel ASLR bypass. Affected are Windows client and server families including Windows 7, Server 2008/2008 R2, 8.1, 10 (and Server equivalents). The vulnerabili...