ISHACK AI BOT

Microsoft Windows: CVE-2023-28276: Windows Group Policy Security Feature Bypass Vulnerability Severity 3 CVSS (AV:L/AC:L/Au:S/C:N/I:P/A:P) Published 04/11/2023 Created 05/05/2023 Added 04/11/2023 Modified 01/28/2025 Description Windows Group Policy Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5025234 microsoft-windows-windows_10-1607-kb5025228 microsoft-windows-windows_10-1809-kb5025229 microsoft-windows-windows_10-20h2-kb5025221 microsoft-windows-windows_10-21h2-kb5025221 microsoft-windows-windows_10-22h2-kb5025221 microsoft-windows-windows_11-21h2-kb5025224 microsoft-windows-windows_11-22h2-kb5025239 microsoft-windows-windows_server_2012-kb5025272 microsoft-windows-windows_server_2012_r2-kb5025288 microsoft-windows-windows_server_2016-1607-kb5025228 microsoft-windows-windows_server_2019-1809-kb5025229 microsoft-windows-windows_server_2022-21h2-kb5025230 microsoft-windows-windows_server_2022-22h2-kb5025230 msft-kb5025272-9aef982c-2621-4c48-84c7-d4226da9d84f msft-kb5025272-fdd3a379-31cc-4112-8189-5fb2f5b8ca2b msft-kb5025273-4c1204fc-057e-45a0-a6fc-31d0df2e73b2 msft-kb5025273-bb0d6f54-0719-4c2e-a080-00915a9b9804 msft-kb5025277-3675320a-2e68-4c03-b985-6e3c23fa05b6 msft-kb5025277-6ae87183-0394-4692-9c4c-d2ff2cd3d2d6 msft-kb5025277-a87f382e-0b30-42ca-96e6-bea553208de8 References https://attackerkb.com/topics/cve-2023-28276 CVE - 2023-28276 https://support.microsoft.com/help/5025221 https://support.microsoft.com/help/5025224 https://support.microsoft.com/help/5025228 https://support.microsoft.com/help/5025229 https://support.microsoft.com/help/5025230 https://support.microsoft.com/help/5025234 https://support.microsoft.com/help/5025239 https://support.microsoft.com/help/5025272 https://support.microsoft.com/help/5025285 https://support.microsoft.com/help/5025288 View more

SUSE: CVE-2023-26964: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 04/11/2023 Created 06/23/2023 Added 06/23/2023 Modified 01/28/2025 Description An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS). Solution(s) suse-upgrade-rustup References https://attackerkb.com/topics/cve-2023-26964 CVE - 2023-26964

SUSE: CVE-2023-26555: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 04/11/2023 Created 06/23/2023 Added 06/23/2023 Modified 01/28/2025 Description praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver. Solution(s) suse-upgrade-ntp suse-upgrade-ntp-doc References https://attackerkb.com/topics/cve-2023-26555 CVE - 2023-26555

Debian: CVE-2023-26964: rust-h2 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 04/11/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS). Solution(s) debian-upgrade-rust-h2 References https://attackerkb.com/topics/cve-2023-26964 CVE - 2023-26964

CentOS Linux: CVE-2020-24736: Moderate: sqlite security update (CESA-2023:3840) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/11/2023 Created 06/28/2023 Added 06/28/2023 Modified 01/28/2025 Description Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script. Solution(s) centos-upgrade-lemon centos-upgrade-lemon-debuginfo centos-upgrade-sqlite centos-upgrade-sqlite-analyzer-debuginfo centos-upgrade-sqlite-debuginfo centos-upgrade-sqlite-debugsource centos-upgrade-sqlite-devel centos-upgrade-sqlite-doc centos-upgrade-sqlite-libs centos-upgrade-sqlite-libs-debuginfo centos-upgrade-sqlite-tcl-debuginfo References CVE-2020-24736

MFSA2023-15 Thunderbird: Security Vulnerabilities fixed in Thunderbird 102.10 (CVE-2023-29548) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 04/11/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10. Solution(s) mozilla-thunderbird-upgrade-102_10 References https://attackerkb.com/topics/cve-2023-29548 CVE - 2023-29548 http://www.mozilla.org/security/announce/2023/mfsa2023-15.html

Amazon Linux AMI: CVE-2023-28484: Security patch for libxml2 (ALAS-2023-1743) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 04/11/2023 Created 05/05/2023 Added 05/04/2023 Modified 01/28/2025 Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. Solution(s) amazon-linux-upgrade-libxml2 References ALAS-2023-1743 CVE-2023-28484

MFSA2023-15 Thunderbird: Security Vulnerabilities fixed in Thunderbird 102.10 (CVE-2023-29532) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 04/11/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10. Solution(s) mozilla-thunderbird-upgrade-102_10 References https://attackerkb.com/topics/cve-2023-29532 CVE - 2023-29532 http://www.mozilla.org/security/announce/2023/mfsa2023-15.html

Red Hat: CVE-2020-24736: Crash due to misuse of window functions. (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/11/2023 Created 06/28/2023 Added 06/28/2023 Modified 01/28/2025 Description Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script. Solution(s) redhat-upgrade-lemon redhat-upgrade-lemon-debuginfo redhat-upgrade-sqlite redhat-upgrade-sqlite-analyzer-debuginfo redhat-upgrade-sqlite-debuginfo redhat-upgrade-sqlite-debugsource redhat-upgrade-sqlite-devel redhat-upgrade-sqlite-doc redhat-upgrade-sqlite-libs redhat-upgrade-sqlite-libs-debuginfo redhat-upgrade-sqlite-tcl-debuginfo References CVE-2020-24736 RHSA-2023:3840 RHSA-2024:0425

Rocky Linux: CVE-2020-24736: sqlite (RLSA-2023-3840) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/11/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script. Solution(s) rocky-upgrade-lemon rocky-upgrade-lemon-debuginfo rocky-upgrade-sqlite rocky-upgrade-sqlite-debuginfo rocky-upgrade-sqlite-debugsource rocky-upgrade-sqlite-devel rocky-upgrade-sqlite-libs rocky-upgrade-sqlite-libs-debuginfo References https://attackerkb.com/topics/cve-2020-24736 CVE - 2020-24736 https://errata.rockylinux.org/RLSA-2023:3840

Adobe Acrobat: CVE-2023-26407: Security updates available for Adobe Acrobat and Reader (APSB23-24) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 04/11/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-26407 https://helpx.adobe.com/security/products/acrobat/apsb23-24.html CVE - 2023-26407

Adobe Acrobat: CVE-2023-26408: Security updates available for Adobe Acrobat and Reader (APSB23-24) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 04/11/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-26408 https://helpx.adobe.com/security/products/acrobat/apsb23-24.html CVE - 2023-26408

Adobe Acrobat: CVE-2023-26425: Security updates available for Adobe Acrobat and Reader (APSB23-24) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 04/11/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-26425 https://helpx.adobe.com/security/products/acrobat/apsb23-24.html CVE - 2023-26425

Huawei EulerOS: CVE-2023-26554: ntp security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:P) Published 04/11/2023 Created 07/18/2023 Added 07/18/2023 Modified 01/30/2025 Description mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. Solution(s) huawei-euleros-2_0_sp10-upgrade-ntp References https://attackerkb.com/topics/cve-2023-26554 CVE - 2023-26554 EulerOS-SA-2023-2389

MFSA2023-13 Firefox: Security Vulnerabilities fixed in Firefox 112, Firefox for Android 112, Focus for Android 112 (CVE-2023-29531) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. *This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10. Solution(s) mozilla-firefox-upgrade-112_0 References https://attackerkb.com/topics/cve-2023-29531 CVE - 2023-29531 http://www.mozilla.org/security/announce/2023/mfsa2023-13.html

MFSA2023-13 Firefox: Security Vulnerabilities fixed in Firefox 112, Firefox for Android 112, Focus for Android 112 (CVE-2023-29541) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. <br>*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10. Solution(s) mozilla-firefox-upgrade-112_0 References https://attackerkb.com/topics/cve-2023-29541 CVE - 2023-29541 http://www.mozilla.org/security/announce/2023/mfsa2023-13.html

MFSA2023-13 Firefox: Security Vulnerabilities fixed in Firefox 112, Firefox for Android 112, Focus for Android 112 (CVE-2023-29551) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/12/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. Solution(s) mozilla-firefox-upgrade-112_0 References https://attackerkb.com/topics/cve-2023-29551 CVE - 2023-29551 http://www.mozilla.org/security/announce/2023/mfsa2023-13.html

Microsoft Windows: CVE-2023-28249: Windows Boot Manager Security Feature Bypass Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/11/2023 Modified 01/28/2025 Description Windows Boot Manager Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5025234 microsoft-windows-windows_10-1607-kb5025228 microsoft-windows-windows_10-1809-kb5025229 microsoft-windows-windows_10-20h2-kb5025221 microsoft-windows-windows_10-21h2-kb5025221 microsoft-windows-windows_10-22h2-kb5025221 microsoft-windows-windows_11-21h2-kb5025224 microsoft-windows-windows_11-22h2-kb5025239 microsoft-windows-windows_server_2012-kb5025272 microsoft-windows-windows_server_2012_r2-kb5025288 microsoft-windows-windows_server_2016-1607-kb5025228 microsoft-windows-windows_server_2019-1809-kb5025229 microsoft-windows-windows_server_2022-21h2-kb5025230 microsoft-windows-windows_server_2022-22h2-kb5025230 msft-kb5025272-9aef982c-2621-4c48-84c7-d4226da9d84f msft-kb5025272-fdd3a379-31cc-4112-8189-5fb2f5b8ca2b References https://attackerkb.com/topics/cve-2023-28249 CVE - 2023-28249 https://support.microsoft.com/help/5025221 https://support.microsoft.com/help/5025224 https://support.microsoft.com/help/5025228 https://support.microsoft.com/help/5025229 https://support.microsoft.com/help/5025230 https://support.microsoft.com/help/5025234 https://support.microsoft.com/help/5025239 https://support.microsoft.com/help/5025272 https://support.microsoft.com/help/5025285 https://support.microsoft.com/help/5025288 View more

Microsoft Windows: CVE-2023-28217: Windows Network Address Translation (NAT) Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/11/2023 Modified 01/28/2025 Description Windows Network Address Translation (NAT) Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5025234 microsoft-windows-windows_10-1607-kb5025228 microsoft-windows-windows_10-1809-kb5025229 microsoft-windows-windows_10-20h2-kb5025221 microsoft-windows-windows_10-21h2-kb5025221 microsoft-windows-windows_10-22h2-kb5025221 microsoft-windows-windows_11-21h2-kb5025224 microsoft-windows-windows_11-22h2-kb5025239 microsoft-windows-windows_server_2012-kb5025272 microsoft-windows-windows_server_2012_r2-kb5025288 microsoft-windows-windows_server_2016-1607-kb5025228 microsoft-windows-windows_server_2019-1809-kb5025229 microsoft-windows-windows_server_2022-21h2-kb5025230 microsoft-windows-windows_server_2022-22h2-kb5025230 msft-kb5025272-9aef982c-2621-4c48-84c7-d4226da9d84f msft-kb5025272-fdd3a379-31cc-4112-8189-5fb2f5b8ca2b msft-kb5025273-4c1204fc-057e-45a0-a6fc-31d0df2e73b2 msft-kb5025273-bb0d6f54-0719-4c2e-a080-00915a9b9804 msft-kb5025277-3675320a-2e68-4c03-b985-6e3c23fa05b6 msft-kb5025277-6ae87183-0394-4692-9c4c-d2ff2cd3d2d6 msft-kb5025277-a87f382e-0b30-42ca-96e6-bea553208de8 References https://attackerkb.com/topics/cve-2023-28217 CVE - 2023-28217 https://support.microsoft.com/help/5025221 https://support.microsoft.com/help/5025224 https://support.microsoft.com/help/5025228 https://support.microsoft.com/help/5025229 https://support.microsoft.com/help/5025230 https://support.microsoft.com/help/5025234 https://support.microsoft.com/help/5025239 https://support.microsoft.com/help/5025272 https://support.microsoft.com/help/5025285 https://support.microsoft.com/help/5025288 View more

Microsoft Windows: CVE-2023-24884: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/11/2023 Modified 01/28/2025 Description Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5025234 microsoft-windows-windows_10-1607-kb5025228 microsoft-windows-windows_10-1809-kb5025229 microsoft-windows-windows_10-20h2-kb5025221 microsoft-windows-windows_10-21h2-kb5025221 microsoft-windows-windows_10-22h2-kb5025221 microsoft-windows-windows_11-21h2-kb5025224 microsoft-windows-windows_11-22h2-kb5025239 microsoft-windows-windows_server_2012-kb5025272 microsoft-windows-windows_server_2012_r2-kb5025288 microsoft-windows-windows_server_2016-1607-kb5025228 microsoft-windows-windows_server_2019-1809-kb5025229 microsoft-windows-windows_server_2022-21h2-kb5025230 microsoft-windows-windows_server_2022-22h2-kb5025230 msft-kb5025272-9aef982c-2621-4c48-84c7-d4226da9d84f msft-kb5025272-fdd3a379-31cc-4112-8189-5fb2f5b8ca2b References https://attackerkb.com/topics/cve-2023-24884 CVE - 2023-24884 https://support.microsoft.com/help/5025221 https://support.microsoft.com/help/5025224 https://support.microsoft.com/help/5025228 https://support.microsoft.com/help/5025229 https://support.microsoft.com/help/5025230 https://support.microsoft.com/help/5025234 https://support.microsoft.com/help/5025239 https://support.microsoft.com/help/5025272 https://support.microsoft.com/help/5025285 https://support.microsoft.com/help/5025288 View more

Microsoft Windows: CVE-2023-24883: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 04/11/2023 Created 05/05/2023 Added 04/11/2023 Modified 01/28/2025 Description Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5025234 microsoft-windows-windows_10-1607-kb5025228 microsoft-windows-windows_10-1809-kb5025229 microsoft-windows-windows_10-20h2-kb5025221 microsoft-windows-windows_10-21h2-kb5025221 microsoft-windows-windows_10-22h2-kb5025221 microsoft-windows-windows_11-21h2-kb5025224 microsoft-windows-windows_11-22h2-kb5025239 microsoft-windows-windows_server_2012-kb5025272 microsoft-windows-windows_server_2012_r2-kb5025288 microsoft-windows-windows_server_2016-1607-kb5025228 microsoft-windows-windows_server_2019-1809-kb5025229 microsoft-windows-windows_server_2022-21h2-kb5025230 microsoft-windows-windows_server_2022-22h2-kb5025230 msft-kb5025272-9aef982c-2621-4c48-84c7-d4226da9d84f msft-kb5025272-fdd3a379-31cc-4112-8189-5fb2f5b8ca2b References https://attackerkb.com/topics/cve-2023-24883 CVE - 2023-24883 https://support.microsoft.com/help/5025221 https://support.microsoft.com/help/5025224 https://support.microsoft.com/help/5025228 https://support.microsoft.com/help/5025229 https://support.microsoft.com/help/5025230 https://support.microsoft.com/help/5025234 https://support.microsoft.com/help/5025239 https://support.microsoft.com/help/5025272 https://support.microsoft.com/help/5025285 https://support.microsoft.com/help/5025288 View more

Microsoft Windows: CVE-2023-24925: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/11/2023 Modified 01/28/2025 Description Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5025234 microsoft-windows-windows_10-1607-kb5025228 microsoft-windows-windows_10-1809-kb5025229 microsoft-windows-windows_10-20h2-kb5025221 microsoft-windows-windows_10-21h2-kb5025221 microsoft-windows-windows_10-22h2-kb5025221 microsoft-windows-windows_11-21h2-kb5025224 microsoft-windows-windows_11-22h2-kb5025239 microsoft-windows-windows_server_2012-kb5025272 microsoft-windows-windows_server_2012_r2-kb5025288 microsoft-windows-windows_server_2016-1607-kb5025228 microsoft-windows-windows_server_2019-1809-kb5025229 microsoft-windows-windows_server_2022-21h2-kb5025230 microsoft-windows-windows_server_2022-22h2-kb5025230 msft-kb5025272-9aef982c-2621-4c48-84c7-d4226da9d84f msft-kb5025272-fdd3a379-31cc-4112-8189-5fb2f5b8ca2b References https://attackerkb.com/topics/cve-2023-24925 CVE - 2023-24925 https://support.microsoft.com/help/5025221 https://support.microsoft.com/help/5025224 https://support.microsoft.com/help/5025228 https://support.microsoft.com/help/5025229 https://support.microsoft.com/help/5025230 https://support.microsoft.com/help/5025234 https://support.microsoft.com/help/5025239 https://support.microsoft.com/help/5025272 https://support.microsoft.com/help/5025285 https://support.microsoft.com/help/5025288 View more

Microsoft Windows: CVE-2023-24924: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/11/2023 Modified 01/28/2025 Description Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5025234 microsoft-windows-windows_10-1607-kb5025228 microsoft-windows-windows_10-1809-kb5025229 microsoft-windows-windows_10-20h2-kb5025221 microsoft-windows-windows_10-21h2-kb5025221 microsoft-windows-windows_10-22h2-kb5025221 microsoft-windows-windows_11-21h2-kb5025224 microsoft-windows-windows_11-22h2-kb5025239 microsoft-windows-windows_server_2012-kb5025272 microsoft-windows-windows_server_2012_r2-kb5025288 microsoft-windows-windows_server_2016-1607-kb5025228 microsoft-windows-windows_server_2019-1809-kb5025229 microsoft-windows-windows_server_2022-21h2-kb5025230 microsoft-windows-windows_server_2022-22h2-kb5025230 msft-kb5025272-9aef982c-2621-4c48-84c7-d4226da9d84f msft-kb5025272-fdd3a379-31cc-4112-8189-5fb2f5b8ca2b References https://attackerkb.com/topics/cve-2023-24924 CVE - 2023-24924 https://support.microsoft.com/help/5025221 https://support.microsoft.com/help/5025224 https://support.microsoft.com/help/5025228 https://support.microsoft.com/help/5025229 https://support.microsoft.com/help/5025230 https://support.microsoft.com/help/5025234 https://support.microsoft.com/help/5025239 https://support.microsoft.com/help/5025272 https://support.microsoft.com/help/5025285 https://support.microsoft.com/help/5025288 View more

Microsoft Windows: CVE-2023-28248: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/11/2023 Modified 01/28/2025 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1607-kb5025228 microsoft-windows-windows_10-1809-kb5025229 microsoft-windows-windows_10-20h2-kb5025221 microsoft-windows-windows_10-21h2-kb5025221 microsoft-windows-windows_10-22h2-kb5025221 microsoft-windows-windows_11-21h2-kb5025224 microsoft-windows-windows_11-22h2-kb5025239 microsoft-windows-windows_server_2016-1607-kb5025228 microsoft-windows-windows_server_2019-1809-kb5025229 microsoft-windows-windows_server_2022-21h2-kb5025230 microsoft-windows-windows_server_2022-22h2-kb5025230 References https://attackerkb.com/topics/cve-2023-28248 CVE - 2023-28248 https://support.microsoft.com/help/5025221 https://support.microsoft.com/help/5025224 https://support.microsoft.com/help/5025228 https://support.microsoft.com/help/5025229 https://support.microsoft.com/help/5025230 https://support.microsoft.com/help/5025239 View more

Microsoft Windows: CVE-2023-28269: Windows Boot Manager Security Feature Bypass Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 04/11/2023 Created 05/05/2023 Added 04/11/2023 Modified 01/28/2025 Description Windows Boot Manager Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5025234 microsoft-windows-windows_10-1607-kb5025228 microsoft-windows-windows_10-1809-kb5025229 microsoft-windows-windows_10-20h2-kb5025221 microsoft-windows-windows_10-21h2-kb5025221 microsoft-windows-windows_10-22h2-kb5025221 microsoft-windows-windows_11-21h2-kb5025224 microsoft-windows-windows_11-22h2-kb5025239 microsoft-windows-windows_server_2012-kb5025272 microsoft-windows-windows_server_2012_r2-kb5025288 microsoft-windows-windows_server_2016-1607-kb5025228 microsoft-windows-windows_server_2019-1809-kb5025229 microsoft-windows-windows_server_2022-21h2-kb5025230 microsoft-windows-windows_server_2022-22h2-kb5025230 msft-kb5025272-9aef982c-2621-4c48-84c7-d4226da9d84f msft-kb5025272-fdd3a379-31cc-4112-8189-5fb2f5b8ca2b References https://attackerkb.com/topics/cve-2023-28269 CVE - 2023-28269 https://support.microsoft.com/help/5025221 https://support.microsoft.com/help/5025224 https://support.microsoft.com/help/5025228 https://support.microsoft.com/help/5025229 https://support.microsoft.com/help/5025230 https://support.microsoft.com/help/5025234 https://support.microsoft.com/help/5025239 https://support.microsoft.com/help/5025272 https://support.microsoft.com/help/5025285 https://support.microsoft.com/help/5025288 View more