Total
1156 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-36399 | 1 Microsoft | 4 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 1 more | 2024-11-21 | N/A | 7.1 HIGH |
Windows Storage Elevation of Privilege Vulnerability | |||||
CVE-2023-36394 | 1 Microsoft | 9 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 6 more | 2024-11-21 | N/A | 7.0 HIGH |
Windows Search Service Elevation of Privilege Vulnerability | |||||
CVE-2023-36391 | 1 Microsoft | 1 Windows 11 23h2 | 2024-11-21 | N/A | 7.8 HIGH |
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | |||||
CVE-2023-36047 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2024-11-21 | N/A | 7.8 HIGH |
Windows Authentication Elevation of Privilege Vulnerability | |||||
CVE-2023-36046 | 1 Microsoft | 4 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 1 more | 2024-11-21 | N/A | 7.1 HIGH |
Windows Authentication Denial of Service Vulnerability | |||||
CVE-2023-35633 | 1 Microsoft | 3 Windows 10 1507, Windows Server 2008, Windows Server 2012 | 2024-11-21 | N/A | 7.8 HIGH |
Windows Kernel Elevation of Privilege Vulnerability | |||||
CVE-2023-35624 | 1 Microsoft | 1 Azure Connected Machine Agent | 2024-11-21 | N/A | 7.3 HIGH |
Azure Connected Machine Agent Elevation of Privilege Vulnerability | |||||
CVE-2023-35379 | 1 Microsoft | 1 Windows Server 2008 | 2024-11-21 | N/A | 7.8 HIGH |
Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability | |||||
CVE-2023-35353 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2024-11-21 | N/A | 7.8 HIGH |
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | |||||
CVE-2023-35347 | 1 Microsoft | 5 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 2 more | 2024-11-21 | N/A | 7.1 HIGH |
Microsoft Install Service Elevation of Privilege Vulnerability | |||||
CVE-2023-35342 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 7.8 HIGH |
Windows Image Acquisition Elevation of Privilege Vulnerability | |||||
CVE-2023-35320 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2024-11-21 | N/A | 7.8 HIGH |
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | |||||
CVE-2023-34723 | 1 Jaycar | 2 La5570, La5570 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows attackers to gain sensitive information via /config/system.conf. | |||||
CVE-2023-34283 | 2024-11-21 | N/A | 4.6 MEDIUM | ||
NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. This vulnerability allows physically present attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of symbolic links on removable USB media. By creating a symbolic link, an attacker can abuse the router's web server to access arbitrary local files. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-19498. | |||||
CVE-2023-34204 | 1 Imapsync Project | 1 Imapsync | 2024-11-21 | N/A | 6.5 MEDIUM |
imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. Both of these are typically world-writable, and thus (for example) an attacker can modify imapsync's cache and overwrite files belonging to the user who runs it. | |||||
CVE-2023-33865 | 1 Renderdoc | 1 Renderdoc | 2024-11-21 | N/A | 7.8 HIGH |
RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership. | |||||
CVE-2023-33245 | 1 Minecraft | 1 Minecraft | 2024-11-21 | N/A | 8.8 HIGH |
Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink. | |||||
CVE-2023-33148 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 7.8 HIGH |
Microsoft Office Elevation of Privilege Vulnerability | |||||
CVE-2023-32556 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-11-21 | N/A | 5.5 MEDIUM |
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2023-32474 | 1 Dell | 1 Display Manager | 2024-11-21 | N/A | 6.6 MEDIUM |
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion |