Reference |
Description |
Vendor Severity |
CVSS Score |
Weaponized |
Publicly Aware |
Countermeasure |
Additional Details |
Impact |
Exploitability Assessment |
CVE-2023-32049 |
Windows SmartScreen Security Feature Bypass Vulnerability |
Important |
8.8 |
Yes |
No |
|
|
Security Feature Bypass |
Exploitation Detected |
CVE-2023-35311 |
Microsoft Outlook Security Feature Bypass Vulnerability |
Important |
8.8 |
Yes |
No |
|
|
Security Feature Bypass |
Exploitation Detected |
CVE-2023-32046 |
Windows MSHTML Platform Elevation of Privilege Vulnerability |
Important |
7.8 |
Yes |
No |
|
|
Elevation of Privilege |
Exploitation Detected |
CVE-2023-36874 |
Windows Error Reporting Service Elevation of Privilege Vulnerability |
Important |
7.8 |
Yes |
No |
|
|
Elevation of Privilege |
Exploitation Detected |
CVE-2023-33150 |
Microsoft Office Security Feature Bypass Vulnerability |
Important |
9.6 |
No |
No |
Scope = Changed, Jump Point = True
Successful exploitation of this vulnerability would allow an attacker to escape the Office Protected View. |
|
Security Feature Bypass |
Exploitation Less Likely |
CVE-2023-32038 |
Microsoft ODBC Driver Remote Code Execution Vulnerability |
Important |
8.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-33134 |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
Important |
8.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation More Likely |
CVE-2023-33159 |
Microsoft SharePoint Server Spoofing Vulnerability |
Important |
8.8 |
No |
No |
|
|
Spoofing |
Exploitation Less Likely |
CVE-2023-35300 |
Remote Procedure Call Runtime Remote Code Execution Vulnerability |
Important |
8.8 |
No |
No |
The authenticated attacker could take advantage of this vulnerability to execute malicious code through the RPC runtime. |
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35302 |
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
Important |
8.8 |
No |
No |
|
Option 1 – Disable the Print Spooler service
If disabling the Print Spooler service is appropriate for your enterprise, use the following PowerShell commands:
Stop-Service -Name Spooler -Force
Set-Service -Name Spooler -StartupType Disabled
Impact of workaround Disabling the Print Spooler service disables the ability to print both locally and remotely.
Option 2 – Disable inbound remote printing through Group Policy
You can also configure the settings via Group Policy as follows:
Computer Configuration / Administrative Templates / Printers
Disable the “Allow Print Spooler to accept client connections:” policy to block remote attacks.
You must restart the Print Spooler service for the group policy to take effect. |
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35303 |
USB Audio Class System Driver Remote Code Execution Vulnerability |
Important |
8.8 |
No |
No |
|
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35322 |
Windows Deployment Services Remote Code Execution Vulnerability |
Important |
8.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35333 |
MediaWiki PandocUpload Extension Remote Code Execution Vulnerability |
Important |
8.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35364 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
8.8 |
No |
No |
Scope = Changed, Jump Point = True
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-29347 |
Windows Admin Center Spoofing Vulnerability |
Important |
8.7 |
No |
No |
Scope = Changed, Jump Point = True
The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine. |
|
Spoofing |
Exploitation Less Likely |
CVE-2023-33171 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
Important |
8.2 |
No |
No |
Scope = Changed, Jump Point = True
The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine. |
|
Spoofing |
Exploitation Less Likely |
CVE-2023-35335 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
Important |
8.2 |
No |
No |
Scope = Changed, Jump Point = True
The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine. |
|
Spoofing |
Exploitation Less Likely |
CVE-2023-33127 |
.NET and Visual Studio Elevation of Privilege Vulnerability |
Important |
8.1 |
No |
No |
|
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-33170 |
ASP.NET and Visual Studio Security Feature Bypass Vulnerability |
Important |
8.1 |
No |
No |
|
|
Security Feature Bypass |
Exploitation Less Likely |
CVE-2023-21756 |
Windows Win32k Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-32047 |
Paint 3D Remote Code Execution Vulnerability |
Important |
7.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Unlikely |
CVE-2023-32051 |
Raw Image Extension Remote Code Execution Vulnerability |
Important |
7.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-32053 |
Windows Installer Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-32056 |
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-33148 |
Microsoft Office Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could execute RPC functions that are restricted to local clients only. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-33149 |
Microsoft Office Graphics Remote Code Execution Vulnerability |
Important |
7.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-33154 |
Windows Partition Management Driver Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-33155 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-33158 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
7.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-33161 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
7.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35299 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35304 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35305 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35312 |
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain administrator privileges. |
|
Elevation of Privilege |
Exploitation More Likely |
CVE-2023-35317 |
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain administrator privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35320 |
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35323 |
Windows OLE Remote Code Execution Vulnerability |
Important |
7.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35328 |
Windows Transaction Manager Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35337 |
Win32k Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35340 |
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
Scope = Changed, Jump Point = True
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35342 |
Windows Image Acquisition Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35343 |
Windows Geolocation Service Remote Code Execution Vulnerability |
Important |
7.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35353 |
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35356 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35357 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35358 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35362 |
Windows Clip Service Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35363 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
7.8 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35374 |
Paint 3D Remote Code Execution Vulnerability |
Important |
7.8 |
No |
No |
You can check the package version in PowerShell:
Get-AppxPackage -Name Microsoft.MSPaint |
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-36867 |
Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability |
Important |
7.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-32044 |
Microsoft Message Queuing Denial of Service Vulnerability |
Important |
7.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-32045 |
Microsoft Message Queuing Denial of Service Vulnerability |
Important |
7.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-32084 |
HTTP.sys Denial of Service Vulnerability |
Important |
7.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-33163 |
Windows Network Load Balancing Remote Code Execution Vulnerability |
Important |
7.5 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35298 |
HTTP.sys Denial of Service Vulnerability |
Important |
7.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35309 |
Microsoft Message Queuing Remote Code Execution Vulnerability |
Important |
7.5 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35325 |
Windows Print Spooler Information Disclosure Vulnerability |
Important |
7.5 |
No |
No |
|
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-35330 |
Windows Extended Negotiation Denial of Service Vulnerability |
Important |
7.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35338 |
Windows Peer Name Resolution Protocol Denial of Service Vulnerability |
Important |
7.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35339 |
Windows CryptoAPI Denial of Service Vulnerability |
Important |
7.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35348 |
Active Directory Federation Service Security Feature Bypass Vulnerability |
Important |
7.5 |
No |
No |
Scope = Changed, Jump Point = True |
|
Security Feature Bypass |
Exploitation Less Likely |
CVE-2023-21526 |
Windows Netlogon Information Disclosure Vulnerability |
Important |
7.4 |
No |
No |
An attacker who successfully exploited this vulnerability could intercept and potentially modify traffic between client and server systems. |
|
Information Disclosure |
Exploitation More Likely |
CVE-2023-32054 |
Volume Shadow Copy Elevation of Privilege Vulnerability |
Important |
7.3 |
No |
No |
|
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35350 |
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability |
Important |
7.2 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35347 |
Microsoft Store Install Service Elevation of Privilege Vulnerability |
Important |
7.1 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-32050 |
Windows Installer Elevation of Privilege Vulnerability |
Important |
7.0 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-33152 |
Microsoft ActiveX Remote Code Execution Vulnerability |
Important |
7.0 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35360 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
7.0 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35361 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
7.0 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-32043 |
Windows Remote Desktop Security Feature Bypass Vulnerability |
Important |
6.8 |
No |
No |
|
|
Security Feature Bypass |
Exploitation Less Likely |
CVE-2023-33153 |
Microsoft Outlook Remote Code Execution Vulnerability |
Important |
6.8 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35332 |
Windows Remote Desktop Protocol Security Feature Bypass |
Important |
6.8 |
No |
No |
|
|
Security Feature Bypass |
Exploitation Less Likely |
CVE-2023-32055 |
Active Template Library Elevation of Privilege Vulnerability |
Important |
6.7 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35313 |
Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability |
Important |
6.7 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-32033 |
Microsoft Failover Cluster Remote Code Execution Vulnerability |
Important |
6.6 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35310 |
Windows DNS Server Remote Code Execution Vulnerability |
Important |
6.6 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35344 |
Windows DNS Server Remote Code Execution Vulnerability |
Important |
6.6 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35345 |
Windows DNS Server Remote Code Execution Vulnerability |
Important |
6.6 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-35346 |
Windows DNS Server Remote Code Execution Vulnerability |
Important |
6.6 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-32034 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-32035 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-32037 |
Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability |
Important |
6.5 |
No |
No |
|
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-32042 |
OLE Automation Information Disclosure Vulnerability |
Important |
6.5 |
No |
No |
|
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-32083 |
Microsoft Failover Cluster Information Disclosure Vulnerability |
Important |
6.5 |
No |
No |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-33151 |
Microsoft Outlook Spoofing Vulnerability |
Important |
6.5 |
No |
No |
|
|
Spoofing |
Exploitation Less Likely |
CVE-2023-33164 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-33166 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-33167 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-33168 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-33169 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-33172 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-33173 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35296 |
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
Important |
6.5 |
No |
No |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-35308 |
Windows MSHTML Platform Security Feature Bypass Vulnerability |
Important |
6.5 |
No |
No |
|
|
Security Feature Bypass |
Exploitation Less Likely |
CVE-2023-35316 |
Remote Procedure Call Runtime Information Disclosure Vulnerability |
Important |
6.5 |
No |
No |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-35318 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35319 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35321 |
Windows Deployment Services Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35329 |
Windows Authentication Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35331 |
Windows Local Security Authority (LSA) Denial of Service Vulnerability |
Important |
6.5 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35336 |
Windows MSHTML Platform Security Feature Bypass Vulnerability |
Important |
6.5 |
No |
No |
|
|
Security Feature Bypass |
Exploitation Less Likely |
CVE-2023-35351 |
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability |
Important |
6.5 |
No |
No |
|
|
Remote Code Execution |
Exploitation Less Likely |
CVE-2023-36868 |
Azure Service Fabric on Windows Information Disclosure Vulnerability |
Important |
6.5 |
No |
No |
|
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-36871 |
Azure Active Directory Security Feature Bypass Vulnerability |
Important |
6.5 |
No |
No |
|
|
Security Feature Bypass |
N/A |
CVE-2023-33156 |
Microsoft Defender Elevation of Privilege Vulnerability |
Important |
6.3 |
No |
No |
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
|
Elevation of Privilege |
Exploitation Less Likely |
CVE-2023-35341 |
Microsoft DirectMusic Information Disclosure Vulnerability |
Important |
6.2 |
No |
No |
|
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-32039 |
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-32040 |
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-32041 |
Windows Update Orchestrator Service Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
|
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-32085 |
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-33162 |
Microsoft Excel Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
|
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-33174 |
Windows Cryptographic Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-35306 |
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-35324 |
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-35326 |
Windows CDP User Components Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
|
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-36872 |
VP9 Video Extensions Information Disclosure Vulnerability |
Important |
5.5 |
No |
No |
An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. |
|
Information Disclosure |
Exploitation Less Likely |
CVE-2023-32052 |
Microsoft Power Apps Spoofing Vulnerability |
Important |
5.4 |
No |
No |
|
|
Spoofing |
Exploitation Less Likely |
CVE-2023-35314 |
Remote Procedure Call Runtime Denial of Service Vulnerability |
Important |
5.3 |
No |
No |
|
|
Denial of Service |
Exploitation Less Likely |
CVE-2023-35373 |
Mono Authenticode Validation Spoofing Vulnerability |
Important |
5.3 |
No |
No |
|
|
Spoofing |
Exploitation Less Likely |
CVE-2023-33165 |
Microsoft SharePoint Server Security Feature Bypass Vulnerability |
Important |
4.3 |
No |
No |
|
|
Security Feature Bypass |
Exploitation Less Likely |