ISHACK AI BOT

Fortinet FortiAnalyzer: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CVE-2023-42788) Severity 7 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:C) Published 10/10/2023 Created 10/16/2023 Added 10/16/2023 Modified 01/30/2025 Description An improper neutralization of special elements used in an os command ('OS Command Injection') vulnerability [CWE-78] in FortiManager & FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.8, version 6.4.0 through 6.4.12 and version 6.2.0 through 6.2.11 may allow a local attacker with low privileges to execute unauthorized code via specifically crafted arguments to a CLI command Solution(s) fortinet-fortianalyzer-upgrade-latest References https://attackerkb.com/topics/cve-2023-42788 CVE - 2023-42788 https://fortiguard.com/psirt/FG-IR-23-167 https://github.com/orangecertcc/security-research/security/advisories/GHSA-qpv8-g6qv-rf8p

Fortinet FortiAnalyzer: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CVE-2023-41838) Severity 6 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:C) Published 10/10/2023 Created 10/16/2023 Added 10/16/2023 Modified 01/30/2025 Description An improper neutralization of special elements used in an os command ('os command injection') in FortiManager 7.4.0 and 7.2.0 through 7.2.3 may allow attacker to execute unauthorized code or commands via FortiManager cli. Solution(s) fortinet-fortianalyzer-upgrade-latest References https://attackerkb.com/topics/cve-2023-41838 CVE - 2023-41838 https://fortiguard.com/psirt/FG-IR-23-169

FreeBSD: VID-07EE8C14-68F1-11EE-8290-A8A1599412C6 (CVE-2023-5474): chromium -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/10/2023 Created 10/13/2023 Added 10/12/2023 Modified 01/28/2025 Description Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-qt6-webengine freebsd-upgrade-package-ungoogled-chromium References CVE-2023-5474

FreeBSD: VID-07EE8C14-68F1-11EE-8290-A8A1599412C6 (CVE-2023-5487): chromium -- multiple vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/10/2023 Created 10/13/2023 Added 10/12/2023 Modified 01/28/2025 Description Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-qt6-webengine freebsd-upgrade-package-ungoogled-chromium References CVE-2023-5487

Microsoft Windows: CVE-2023-36592: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 msft-kb5031411-6ff09e07-29d8-4561-a6a3-72286549d09e msft-kb5031411-ae877d0e-9c3e-4875-b882-770428331f79 msft-kb5031441-05f3d465-ad6d-4abd-bde5-91142eeedb50 References https://attackerkb.com/topics/cve-2023-36592 CVE - 2023-36592 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more

Microsoft Windows: CVE-2023-36435: Microsoft QUIC Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 07/22/2024 Description Microsoft QUIC Denial of Service Vulnerability Solution(s) microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 References https://attackerkb.com/topics/cve-2023-36435 CVE - 2023-36435 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031364

Microsoft Windows: CVE-2023-36434: Windows IIS Server Elevation of Privilege Vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Windows IIS Server Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 msft-kb5031411-6ff09e07-29d8-4561-a6a3-72286549d09e msft-kb5031411-ae877d0e-9c3e-4875-b882-770428331f79 msft-kb5031441-05f3d465-ad6d-4abd-bde5-91142eeedb50 References https://attackerkb.com/topics/cve-2023-36434 CVE - 2023-36434 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more

Microsoft CVE-2023-36785: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 10/10/2023 Description Microsoft CVE-2023-36785: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Solution(s) msft-kb5029377-fd074a69-e548-45af-ba86-86fefdfca81b-x64 msft-kb5029378-21fe36a7-1967-4c3a-bd71-b28b30b7aab4-x64 msft-kb5029379-4d85ef76-8ec7-468f-a36e-87904a0a3f2f-x64 msft-kb5029503-2b61f20c-c789-42dd-a46b-3804c0ccda06-x64 References https://attackerkb.com/topics/cve-2023-36785 CVE - 2023-36785 5029377 5029378 5029379 5029503

Microsoft Windows: CVE-2023-41766: Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 msft-kb5031411-6ff09e07-29d8-4561-a6a3-72286549d09e msft-kb5031411-ae877d0e-9c3e-4875-b882-770428331f79 msft-kb5031441-05f3d465-ad6d-4abd-bde5-91142eeedb50 References https://attackerkb.com/topics/cve-2023-41766 CVE - 2023-41766 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more

Amazon Linux AMI: CVE-2023-43785: Security patch for libX11 (ALAS-2023-1859) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/10/2023 Created 10/27/2023 Added 10/25/2023 Modified 01/28/2025 Description A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system. Solution(s) amazon-linux-upgrade-libx11 References ALAS-2023-1859 CVE-2023-43785

Microsoft Windows: CVE-2023-44487: MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 01/28/2025 Description The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. Solution(s) microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 References https://attackerkb.com/topics/cve-2023-44487 CVE - 2023-44487 DSA-5521 DSA-5522 DSA-5540 DSA-5549 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 View more

Microsoft Windows: CVE-2023-36576: Windows Kernel Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 08/07/2024 Description Windows Kernel Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 References https://attackerkb.com/topics/cve-2023-36576 CVE - 2023-36576 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 View more

Microsoft Windows: CVE-2023-36577: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 msft-kb5031411-6ff09e07-29d8-4561-a6a3-72286549d09e msft-kb5031411-ae877d0e-9c3e-4875-b882-770428331f79 msft-kb5031441-05f3d465-ad6d-4abd-bde5-91142eeedb50 References https://attackerkb.com/topics/cve-2023-36577 CVE - 2023-36577 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more

Microsoft Windows: CVE-2023-36557: PrintHTML API Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 08/07/2024 Description PrintHTML API Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 References https://attackerkb.com/topics/cve-2023-36557 CVE - 2023-36557 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 View more

Microsoft Windows: CVE-2023-36701: Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 References https://attackerkb.com/topics/cve-2023-36701 CVE - 2023-36701 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more

Amazon Linux AMI: CVE-2023-45648: Security patch for tomcat8 (ALAS-2023-1868) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 10/10/2023 Created 10/24/2023 Added 10/19/2023 Modified 01/28/2025 Description Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue. Solution(s) amazon-linux-upgrade-tomcat8 References ALAS-2023-1868 CVE-2023-45648

Amazon Linux AMI: CVE-2023-44487: Security patch for golang ((Multiple Advisories)) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/10/2023 Created 10/24/2023 Added 10/19/2023 Modified 01/28/2025 Description The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. Solution(s) amazon-linux-upgrade-golang amazon-linux-upgrade-nghttp2 amazon-linux-upgrade-nginx amazon-linux-upgrade-tomcat8 References ALAS-2023-1871 CVE-2023-44487

Amazon Linux AMI: CVE-2023-43788: Security patch for libXpm (ALAS-2023-1894) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/10/2023 Created 12/07/2023 Added 12/05/2023 Modified 01/28/2025 Description A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system. Solution(s) amazon-linux-upgrade-libxpm References ALAS-2023-1894 CVE-2023-43788

Microsoft Windows: CVE-2023-36724: Windows Power Management Service Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Windows Power Management Service Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 msft-kb5031441-05f3d465-ad6d-4abd-bde5-91142eeedb50 References https://attackerkb.com/topics/cve-2023-36724 CVE - 2023-36724 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more

Microsoft Windows: CVE-2023-36725: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 08/07/2024 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 References https://attackerkb.com/topics/cve-2023-36725 CVE - 2023-36725 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031364

Microsoft CVE-2023-36417: Microsoft SQL ODBC Driver Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 10/10/2023 Description Microsoft CVE-2023-36417: Microsoft SQL ODBC Driver Remote Code Execution Vulnerability Solution(s) msft-kb5029377-fd074a69-e548-45af-ba86-86fefdfca81b-x64 msft-kb5029378-21fe36a7-1967-4c3a-bd71-b28b30b7aab4-x64 msft-kb5029379-4d85ef76-8ec7-468f-a36e-87904a0a3f2f-x64 msft-kb5029503-2b61f20c-c789-42dd-a46b-3804c0ccda06-x64 References https://attackerkb.com/topics/cve-2023-36417 CVE - 2023-36417 5029377 5029378 5029379 5029503

Microsoft Windows: CVE-2023-41771: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 msft-kb5031411-6ff09e07-29d8-4561-a6a3-72286549d09e msft-kb5031411-ae877d0e-9c3e-4875-b882-770428331f79 msft-kb5031441-05f3d465-ad6d-4abd-bde5-91142eeedb50 References https://attackerkb.com/topics/cve-2023-41771 CVE - 2023-41771 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more

Microsoft Windows: CVE-2023-35349: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 msft-kb5031411-6ff09e07-29d8-4561-a6a3-72286549d09e msft-kb5031411-ae877d0e-9c3e-4875-b882-770428331f79 msft-kb5031441-05f3d465-ad6d-4abd-bde5-91142eeedb50 References https://attackerkb.com/topics/cve-2023-35349 CVE - 2023-35349 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more

Microsoft Windows: CVE-2023-36743: Win32k Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Win32k Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 msft-kb5031411-6ff09e07-29d8-4561-a6a3-72286549d09e msft-kb5031411-ae877d0e-9c3e-4875-b882-770428331f79 msft-kb5031441-05f3d465-ad6d-4abd-bde5-91142eeedb50 References https://attackerkb.com/topics/cve-2023-36743 CVE - 2023-36743 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more

Microsoft Windows: CVE-2023-36571: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 10/10/2023 Created 10/11/2023 Added 10/10/2023 Modified 09/06/2024 Description Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5031377 microsoft-windows-windows_10-1607-kb5031362 microsoft-windows-windows_10-1809-kb5031361 microsoft-windows-windows_10-21h2-kb5031356 microsoft-windows-windows_10-22h2-kb5031356 microsoft-windows-windows_11-21h2-kb5031358 microsoft-windows-windows_11-22h2-kb5031354 microsoft-windows-windows_server_2012-kb5031427 microsoft-windows-windows_server_2012_r2-kb5031407 microsoft-windows-windows_server_2016-1607-kb5031362 microsoft-windows-windows_server_2019-1809-kb5031361 microsoft-windows-windows_server_2022-21h2-kb5031364 microsoft-windows-windows_server_2022-22h2-kb5031364 msft-kb5031411-6ff09e07-29d8-4561-a6a3-72286549d09e msft-kb5031411-ae877d0e-9c3e-4875-b882-770428331f79 msft-kb5031441-05f3d465-ad6d-4abd-bde5-91142eeedb50 References https://attackerkb.com/topics/cve-2023-36571 CVE - 2023-36571 https://support.microsoft.com/help/5031354 https://support.microsoft.com/help/5031356 https://support.microsoft.com/help/5031358 https://support.microsoft.com/help/5031361 https://support.microsoft.com/help/5031362 https://support.microsoft.com/help/5031364 https://support.microsoft.com/help/5031377 https://support.microsoft.com/help/5031407 https://support.microsoft.com/help/5031419 https://support.microsoft.com/help/5031427 View more