Microsoft Windows 10 20h2

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

CVE-2023-24859 7.5 - High - March 14, 2023

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24858 7.5 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24857 7.5 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24856 7.5 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-23423 7.8 - High - March 14, 2023

Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-23422 7.8 - High - March 14, 2023

Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-23421 7.8 - High - March 14, 2023

Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-23420 7.8 - High - March 14, 2023

Windows Kernel Elevation of Privilege Vulnerability

Windows Partition Management Driver Elevation of Privilege Vulnerability

CVE-2023-23417 7.8 - High - March 14, 2023

Windows Partition Management Driver Elevation of Privilege Vulnerability

Windows Cryptographic Services Remote Code Execution Vulnerability

CVE-2023-23416 7.8 - High - March 14, 2023

Windows Cryptographic Services Remote Code Execution Vulnerability

Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability

CVE-2023-23415 9.8 - Critical - March 14, 2023

Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability

CVE-2023-23414 7.1 - High - March 14, 2023

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-24913 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24911 5.3 - Medium - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-23413 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Windows Accounts Picture Elevation of Privilege Vulnerability

CVE-2023-23412 7.8 - High - March 14, 2023

Windows Accounts Picture Elevation of Privilege Vulnerability

Windows Hyper-V Denial of Service Vulnerability

CVE-2023-23411 6.5 - Medium - March 14, 2023

Windows Hyper-V Denial of Service Vulnerability

Resource Exhaustion

Windows HTTP.sys Elevation of Privilege Vulnerability

CVE-2023-23410 7.8 - High - March 14, 2023

Windows HTTP.sys Elevation of Privilege Vulnerability

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability

CVE-2023-23409 5.5 - Medium - March 14, 2023

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability

CVE-2023-23407 7.1 - High - March 14, 2023

Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability

Race Condition

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-23406 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2023-23405 8.1 - High - March 14, 2023

Remote Procedure Call Runtime Remote Code Execution Vulnerability

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

CVE-2023-23404 8.1 - High - March 14, 2023

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

Race Condition

Windows Bluetooth Driver Elevation of Privilege Vulnerability

CVE-2023-23388 8.8 - High - March 14, 2023

Windows Bluetooth Driver Elevation of Privilege Vulnerability

Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability

CVE-2023-23385 7 - High - March 14, 2023

Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2023-21708 9.8 - Critical - March 14, 2023

Remote Procedure Call Runtime Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-23403 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Windows Media Remote Code Execution Vulnerability

CVE-2023-23402 7.8 - High - March 14, 2023

Windows Media Remote Code Execution Vulnerability

Windows Media Remote Code Execution Vulnerability

CVE-2023-23401 7.8 - High - March 14, 2023

Windows Media Remote Code Execution Vulnerability

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability

CVE-2023-23394 5.5 - Medium - March 14, 2023

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability

CVE-2023-23393 7 - High - March 14, 2023

Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability

Race Condition

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-24876 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-24872 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Windows Bluetooth Service Remote Code Execution Vulnerability

CVE-2023-24871 8.8 - High - March 14, 2023

Windows Bluetooth Service Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24870 6.5 - Medium - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2023-24869 8.1 - High - March 14, 2023

Remote Procedure Call Runtime Remote Code Execution Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2023-24910 7.8 - High - March 14, 2023

Windows Graphics Component Elevation of Privilege Vulnerability

Windows Secure Channel Denial of Service Vulnerability

CVE-2023-24862 5.5 - Medium - March 14, 2023

Windows Secure Channel Denial of Service Vulnerability

Resource Exhaustion

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2023-24861 7 - High - March 14, 2023

Windows Graphics Component Elevation of Privilege Vulnerability

Race Condition

Windows SmartScreen Security Feature Bypass Vulnerability

CVE-2023-24880 4.4 - Medium - March 14, 2023

Windows SmartScreen Security Feature Bypass Vulnerability

AuthZ

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-24909 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2023-24908 8.1 - High - March 14, 2023

Remote Procedure Call Runtime Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24906 6.5 - Medium - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-24868 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-24867 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24866 6.5 - Medium - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24865 6.5 - Medium - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability

CVE-2023-24864 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Elevation of Privilege Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24863 6.5 - Medium - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-24907 8.8 - High - March 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Windows Graphics Component Remote Code Execution Vulnerability

CVE-2023-21823 7.8 - High - February 14, 2023

Windows Graphics Component Remote Code Execution Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2023-21822 7.8 - High - February 14, 2023

Windows Graphics Component Elevation of Privilege Vulnerability

Windows Distributed File System (DFS) Remote Code Execution Vulnerability

CVE-2023-21820 7.4 - High - February 14, 2023

Windows Distributed File System (DFS) Remote Code Execution Vulnerability

Windows Secure Channel Denial of Service Vulnerability

CVE-2023-21819 7.5 - High - February 14, 2023

Windows Secure Channel Denial of Service Vulnerability

Windows Secure Channel Denial of Service Vulnerability

CVE-2023-21818 7.5 - High - February 14, 2023

Windows Secure Channel Denial of Service Vulnerability

Windows Kerberos Elevation of Privilege Vulnerability

CVE-2023-21817 7.8 - High - February 14, 2023

Windows Kerberos Elevation of Privilege Vulnerability

Windows Active Directory Domain Services API Denial of Service Vulnerability

CVE-2023-21816 7.5 - High - February 14, 2023

Windows Active Directory Domain Services API Denial of Service Vulnerability

Windows Secure Channel Denial of Service Vulnerability

CVE-2023-21813 7.5 - High - February 14, 2023

Windows Secure Channel Denial of Service Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2023-21812 7.8 - High - February 14, 2023

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Windows iSCSI Service Denial of Service Vulnerability

CVE-2023-21811 7.5 - High - February 14, 2023

Windows iSCSI Service Denial of Service Vulnerability

Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2023-21805 7.8 - High - February 14, 2023

Windows MSHTML Platform Remote Code Execution Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2023-21804 7.8 - High - February 14, 2023

Windows Graphics Component Elevation of Privilege Vulnerability

Windows iSCSI Discovery Service Remote Code Execution Vulnerability

CVE-2023-21803 9.8 - Critical - February 14, 2023

Windows iSCSI Discovery Service Remote Code Execution Vulnerability

Windows Media Remote Code Execution Vulnerability

CVE-2023-21802 7.8 - High - February 14, 2023

Windows Media Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-21801 7.8 - High - February 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Windows iSCSI Service Denial of Service Vulnerability

CVE-2023-21702 7.5 - High - February 14, 2023

Windows iSCSI Service Denial of Service Vulnerability

Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability

CVE-2023-21701 7.5 - High - February 14, 2023

Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability

Windows iSCSI Discovery Service Denial of Service Vulnerability

CVE-2023-21700 7.5 - High - February 14, 2023

Windows iSCSI Discovery Service Denial of Service Vulnerability

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability

CVE-2023-21699 5.3 - Medium - February 14, 2023

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability

CVE-2023-21697 5.5 - Medium - February 14, 2023

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

CVE-2023-21695 8.8 - High - February 14, 2023

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

Windows Fax Service Remote Code Execution Vulnerability

CVE-2023-21694 6.8 - Medium - February 14, 2023

Windows Fax Service Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-21693 5.7 - Medium - February 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2023-23376 7.8 - High - February 14, 2023

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2023-21799 8.8 - High - February 14, 2023

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

CVE-2023-21798 8.8 - High - February 14, 2023

Microsoft ODBC Driver Remote Code Execution Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

CVE-2023-21797 8.8 - High - February 14, 2023

Microsoft ODBC Driver Remote Code Execution Vulnerability

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

CVE-2023-21692 9.8 - Critical - February 14, 2023

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability

CVE-2023-21691 7.5 - High - February 14, 2023

Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

CVE-2023-21690 9.8 - Critical - February 14, 2023

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

CVE-2023-21689 9.8 - Critical - February 14, 2023

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

NT OS Kernel Elevation of Privilege Vulnerability

CVE-2023-21688 7.8 - High - February 14, 2023

NT OS Kernel Elevation of Privilege Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2023-21686 8.8 - High - February 14, 2023

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2023-21685 8.8 - High - February 14, 2023

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

CVE-2023-21684 8.8 - High - February 14, 2023

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

HP Factory Preinstalled Images on certain systems

CVE-2022-38396 7.8 - High - February 12, 2023

HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 on October 31, 2021.

Windows Task Scheduler Elevation of Privilege Vulnerability.

CVE-2023-21541 7.8 - High - January 10, 2023

Windows Task Scheduler Elevation of Privilege Vulnerability.

Windows Authentication Remote Code Execution Vulnerability.

CVE-2023-21539 7.5 - High - January 10, 2023

Windows Authentication Remote Code Execution Vulnerability.

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

CVE-2023-21561 8.8 - High - January 10, 2023

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21551, CVE-2023-21730.

Improper Privilege Management

Windows Cryptographic Information Disclosure Vulnerability

CVE-2023-21559 5.5 - Medium - January 10, 2023

Windows Cryptographic Information Disclosure Vulnerability. This CVE ID is unique from CVE-2023-21540, CVE-2023-21550.

Windows Cryptographic Information Disclosure Vulnerability

CVE-2023-21550 5.5 - Medium - January 10, 2023

Windows Cryptographic Information Disclosure Vulnerability. This CVE ID is unique from CVE-2023-21540, CVE-2023-21559.

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2023-21548 8.1 - High - January 10, 2023

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21535.

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

CVE-2023-21546 8.1 - High - January 10, 2023

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21555, CVE-2023-21556, CVE-2023-21679.

Race Condition

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

CVE-2023-21543 8.1 - High - January 10, 2023

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21546, CVE-2023-21555, CVE-2023-21556, CVE-2023-21679.

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

CVE-2023-21551 7.8 - High - January 10, 2023

Microsoft Cryptographic Services Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21561, CVE-2023-21730.

Improper Privilege Management

Windows SMB Witness Service Elevation of Privilege Vulnerability.

CVE-2023-21549 8.8 - High - January 10, 2023

Windows SMB Witness Service Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Cryptographic Information Disclosure Vulnerability

CVE-2023-21540 5.5 - Medium - January 10, 2023

Windows Cryptographic Information Disclosure Vulnerability. This CVE ID is unique from CVE-2023-21550, CVE-2023-21559.

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability.

CVE-2023-21537 7.8 - High - January 10, 2023

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability.

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability.

CVE-2023-21557 9.1 - Critical - January 10, 2023

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability.

Resource Exhaustion

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

CVE-2023-21556 8.1 - High - January 10, 2023

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21679.