ISHACK AI BOT

Microsoft Office: CVE-2023-21737: Microsoft Office Visio Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Microsoft Office Visio Remote Code Execution Vulnerability Solution(s) microsoft-visio_2016-kb5002337 office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2023-21737 CVE - 2023-21737 https://support.microsoft.com/help/5002337

Microsoft Windows: CVE-2023-21726: Windows Credential Manager User Interface Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Credential Manager User Interface Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21726 CVE - 2023-21726 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Red Hat: CVE-2022-4338: Moderate: openvswitch2.13 security, bug fix and enhancement update (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 02/11/2023 Added 02/10/2023 Modified 01/28/2025 Description An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. Solution(s) redhat-upgrade-network-scripts-openvswitch2-13 redhat-upgrade-network-scripts-openvswitch2-15 redhat-upgrade-network-scripts-openvswitch2-16 redhat-upgrade-network-scripts-openvswitch2-17 redhat-upgrade-openvswitch2-13 redhat-upgrade-openvswitch2-13-debuginfo redhat-upgrade-openvswitch2-13-debugsource redhat-upgrade-openvswitch2-13-devel redhat-upgrade-openvswitch2-13-ipsec redhat-upgrade-openvswitch2-13-test redhat-upgrade-openvswitch2-15 redhat-upgrade-openvswitch2-15-debuginfo redhat-upgrade-openvswitch2-15-debugsource redhat-upgrade-openvswitch2-15-devel redhat-upgrade-openvswitch2-15-ipsec redhat-upgrade-openvswitch2-15-test redhat-upgrade-openvswitch2-16 redhat-upgrade-openvswitch2-16-debuginfo redhat-upgrade-openvswitch2-16-debugsource redhat-upgrade-openvswitch2-16-devel redhat-upgrade-openvswitch2-16-ipsec redhat-upgrade-openvswitch2-16-test redhat-upgrade-openvswitch2-17 redhat-upgrade-openvswitch2-17-debuginfo redhat-upgrade-openvswitch2-17-debugsource redhat-upgrade-openvswitch2-17-devel redhat-upgrade-openvswitch2-17-ipsec redhat-upgrade-openvswitch2-17-test redhat-upgrade-python3-openvswitch2-13 redhat-upgrade-python3-openvswitch2-13-debuginfo redhat-upgrade-python3-openvswitch2-15 redhat-upgrade-python3-openvswitch2-15-debuginfo redhat-upgrade-python3-openvswitch2-16 redhat-upgrade-python3-openvswitch2-16-debuginfo redhat-upgrade-python3-openvswitch2-17 redhat-upgrade-python3-openvswitch2-17-debuginfo References DSA-5319 CVE-2022-4338

Microsoft Windows: CVE-2023-21754: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21754 CVE - 2023-21754 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Microsoft CVE-2023-21762: Microsoft Exchange Server Spoofing Vulnerability Severity 8 CVSS (AV:A/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Microsoft CVE-2023-21762: Microsoft Exchange Server Spoofing Vulnerability Solution(s) msft-kb5022188-6f3efecc-5cbb-42b0-adb6-32a217f34bb1 References https://attackerkb.com/topics/cve-2023-21762 CVE - 2023-21762 5022143 5022188 5022193

Microsoft Windows: CVE-2023-21724: Microsoft DWM Core Library Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Microsoft DWM Core Library Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 References https://attackerkb.com/topics/cve-2023-21724 CVE - 2023-21724 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022303

Microsoft Windows: CVE-2023-21766: Windows Overlay Filter Information Disclosure Vulnerability Severity 4 CVSS (AV:L/AC:M/Au:S/C:C/I:N/A:N) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Overlay Filter Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 References https://attackerkb.com/topics/cve-2023-21766 CVE - 2023-21766 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 View more

Microsoft CVE-2023-21764: Microsoft Exchange Server Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Deprecated Solution(s)

Microsoft Windows: CVE-2023-21755: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 References https://attackerkb.com/topics/cve-2023-21755 CVE - 2023-21755 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022303

Microsoft Windows: CVE-2023-21772: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21772 CVE - 2023-21772 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Microsoft Windows: CVE-2023-21774: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21774 CVE - 2023-21774 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Microsoft Windows: CVE-2023-21527: Windows iSCSI Service Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows iSCSI Service Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21527 CVE - 2023-21527 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Microsoft Windows: CVE-2023-21524: Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 References https://attackerkb.com/topics/cve-2023-21524 CVE - 2023-21524 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Microsoft Windows: CVE-2023-21753: Event Tracing for Windows Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Event Tracing for Windows Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_server_2019-1809-kb5022286 References https://attackerkb.com/topics/cve-2023-21753 CVE - 2023-21753 https://support.microsoft.com/help/5022286

Microsoft Windows: CVE-2023-21543: Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21543 CVE - 2023-21543 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Amazon Linux 2023: CVE-2022-46176: Medium priority package update for rust Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:C/A:N) Published 01/10/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned CVE-2022-46176. All Rust versions containing Cargo before 1.66.1 are vulnerable. Note that even if you don't explicitly use SSH for alternate registry indexes or crate dependencies, you might be affected by this vulnerability if you have configured git to replace HTTPS connections to GitHub with SSH (through git's [`url.<base>.insteadOf`][1] setting), as that'd cause you to clone the crates.io index through SSH. Rust 1.66.1 will ensure Cargo checks the SSH host key and abort the connection if the server's public key is not already trusted. We recommend everyone to upgrade as soon as possible. Solution(s) amazon-linux-2023-upgrade-cargo amazon-linux-2023-upgrade-cargo-debuginfo amazon-linux-2023-upgrade-clippy amazon-linux-2023-upgrade-clippy-debuginfo amazon-linux-2023-upgrade-rust amazon-linux-2023-upgrade-rust-analysis amazon-linux-2023-upgrade-rust-analyzer amazon-linux-2023-upgrade-rust-analyzer-debuginfo amazon-linux-2023-upgrade-rust-debugger-common amazon-linux-2023-upgrade-rust-debuginfo amazon-linux-2023-upgrade-rust-debugsource amazon-linux-2023-upgrade-rust-doc amazon-linux-2023-upgrade-rustfmt amazon-linux-2023-upgrade-rustfmt-debuginfo amazon-linux-2023-upgrade-rust-gdb amazon-linux-2023-upgrade-rust-lldb amazon-linux-2023-upgrade-rust-src amazon-linux-2023-upgrade-rust-std-static amazon-linux-2023-upgrade-rust-std-static-wasm32-unknown-unknown amazon-linux-2023-upgrade-rust-std-static-wasm32-wasi References https://attackerkb.com/topics/cve-2022-46176 CVE - 2022-46176 https://alas.aws.amazon.com/AL2023/ALAS-2023-109.html

Obsolete version of Microsoft Office Click-to-Run Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 05/16/2023 Added 05/15/2023 Modified 06/26/2024 Description Microsoft Office 365 Apps is no longer supported on Windows 7. Unsupported versions of Microsoft Office 365 may contain unpatched security flaws. It is recommended to upgrade to a Windows operating system that is currently in support. Solution(s) microsoft-windows-upgrade-latest References https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-7-support

CentOS Linux: CVE-2023-21538: Moderate: .NET 6.0 security, bug fix, and enhancement update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/10/2023 Created 01/13/2023 Added 01/12/2023 Modified 01/28/2025 Description .NET Denial of Service Vulnerability Solution(s) centos-upgrade-aspnetcore-runtime-6-0 centos-upgrade-aspnetcore-targeting-pack-6-0 centos-upgrade-dotnet-apphost-pack-6-0 centos-upgrade-dotnet-apphost-pack-6-0-debuginfo centos-upgrade-dotnet-hostfxr-6-0 centos-upgrade-dotnet-hostfxr-6-0-debuginfo centos-upgrade-dotnet-runtime-6-0 centos-upgrade-dotnet-runtime-6-0-debuginfo centos-upgrade-dotnet-sdk-6-0 centos-upgrade-dotnet-sdk-6-0-debuginfo centos-upgrade-dotnet-targeting-pack-6-0 centos-upgrade-dotnet-templates-6-0 centos-upgrade-dotnet6-0-debuginfo centos-upgrade-dotnet6-0-debugsource References CVE-2023-21538

Adobe Acrobat: CVE-2023-22242: Security updates available for Adobe Acrobat and Reader (APSB23-01) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to application denial-of-service, arbitrary code execution, privilege escalation and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-22242 https://helpx.adobe.com/security/products/acrobat/apsb23-01.html CVE - 2023-22242

Ubuntu: (CVE-2023-0138): chromium-browser vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) Solution(s) ubuntu-upgrade-chromium-browser References https://attackerkb.com/topics/cve-2023-0138 CVE - 2023-0138 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html https://crbug.com/1346675 https://www.cve.org/CVERecord?id=CVE-2023-0138

Ubuntu: (CVE-2023-0131): chromium-browser vulnerability Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 01/10/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium) Solution(s) ubuntu-upgrade-chromium-browser References https://attackerkb.com/topics/cve-2023-0131 CVE - 2023-0131 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html https://crbug.com/1357366 https://www.cve.org/CVERecord?id=CVE-2023-0131

Ubuntu: USN-5798-1 (CVE-2023-21538): .NET 6 vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/10/2023 Created 01/13/2023 Added 01/11/2023 Modified 01/28/2025 Description .NET Denial of Service Vulnerability Solution(s) ubuntu-upgrade-aspnetcore-runtime-6-0 ubuntu-upgrade-dotnet-host ubuntu-upgrade-dotnet-hostfxr-6-0 ubuntu-upgrade-dotnet-runtime-6-0 ubuntu-upgrade-dotnet-sdk-6-0 ubuntu-upgrade-dotnet6 References https://attackerkb.com/topics/cve-2023-21538 CVE - 2023-21538 CVE-2023-21538 USN-5798-1

Ubuntu: (CVE-2023-0137): chromium-browser vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) ubuntu-upgrade-chromium-browser References https://attackerkb.com/topics/cve-2023-0137 CVE - 2023-0137 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html https://crbug.com/1399904 https://www.cve.org/CVERecord?id=CVE-2023-0137

Ubuntu: (CVE-2023-0133): chromium-browser vulnerability Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 01/10/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. (Chromium security severity: Medium) Solution(s) ubuntu-upgrade-chromium-browser References https://attackerkb.com/topics/cve-2023-0133 CVE - 2023-0133 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html https://crbug.com/1375132 https://www.cve.org/CVERecord?id=CVE-2023-0133

Ubuntu: (CVE-2023-0136): chromium-browser vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. (Chromium security severity: Medium) Solution(s) ubuntu-upgrade-chromium-browser References https://attackerkb.com/topics/cve-2023-0136 CVE - 2023-0136 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html https://crbug.com/1356987 https://www.cve.org/CVERecord?id=CVE-2023-0136