ISHACK AI BOT

Gentoo Linux: CVE-2023-0138: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 05/05/2023 Added 05/04/2023 Modified 01/28/2025 Description Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) Solution(s) gentoo-linux-upgrade-dev-qt-qtwebengine gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-0138 CVE - 2023-0138 202305-10 202311-11

Gentoo Linux: CVE-2023-0133: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 01/10/2023 Created 05/05/2023 Added 05/04/2023 Modified 01/28/2025 Description Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. (Chromium security severity: Medium) Solution(s) gentoo-linux-upgrade-dev-qt-qtwebengine gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-chromium-bin gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-0133 CVE - 2023-0133 202305-10 202311-11

APSB23-01:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-21579) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 01/13/2023 Added 01/12/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-21579 CVE - 2023-21579 https://helpx.adobe.com/security/products/reader/apsb23-01.html

APSB23-01:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-22242) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 01/25/2023 Added 01/24/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-22242 CVE - 2023-22242 https://helpx.adobe.com/security/products/reader/apsb23-01.html

Adobe Acrobat: CVE-2023-21607: Security updates available for Adobe Acrobat and Reader (APSB23-01) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to application denial-of-service, arbitrary code execution, privilege escalation and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-21607 https://helpx.adobe.com/security/products/acrobat/apsb23-01.html CVE - 2023-21607

APSB23-01:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-21585) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 01/10/2023 Created 01/13/2023 Added 01/12/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-21585 CVE - 2023-21585 https://helpx.adobe.com/security/products/reader/apsb23-01.html

Microsoft Windows: CVE-2023-21771: Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 References https://attackerkb.com/topics/cve-2023-21771 CVE - 2023-21771 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022303

FreeBSD: VID-3A023570-91AB-11ED-8950-001B217B3468 (CVE-2022-3613): Gitlab -- Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/09/2023 Created 01/14/2023 Added 01/12/2023 Modified 01/28/2025 Description An issue has been discovered in GitLab CE/EE affecting all versions before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A crafted Prometheus Server query can cause high resource consumption and may lead to Denial of Service. Solution(s) freebsd-upgrade-package-gitlab-ce References CVE-2022-3613

Red Hat: CVE-2022-4379: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/10/2023 Created 03/02/2023 Added 03/01/2023 Modified 01/28/2025 Description A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2022-4379 RHSA-2023:0951 RHSA-2023:0979 RHSA-2023:1008 RHSA-2023:1202 RHSA-2023:1203 RHSA-2023:1435 View more

ManageEngine Endpoint Central Unauthenticated SAML RCE Disclosed 01/10/2023 Created 02/09/2023 Description This exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine Endpoint Central and MSP versions 10.1.2228.10 and below (CVE-2022-47966). Due to a dependency to an outdated library (Apache Santuario version 1.4.1), it is possible to execute arbitrary code by providing a crafted `samlResponse` XML to the Endpoint Central SAML endpoint. Note that the target is only vulnerable if it is configured with SAML-based SSO , and the service should be active. Author(s) Khoa Dinh horizon3ai Christophe De La Fuente h00die-gr3y <[email protected]> Platform Java,Windows Development Source Code History

Joomla!: [20240204] - Core - XSS in mail address outputs (CVE-2024-21725) Severity 6 CVSS (AV:L/AC:M/Au:S/C:N/I:C/A:C) Published 01/10/2023 Created 02/22/2024 Added 02/21/2024 Modified 01/28/2025 Description Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components. Solution(s) joomla-upgrade-4_4_3 joomla-upgrade-5_0_3 References https://attackerkb.com/topics/cve-2024-21725 CVE - 2024-21725 http://developer.joomla.org/security-centre/928-20240204-core-xss-in-mail-address-outputs.html

Amazon Linux AMI 2: CVE-2022-2196: Security patch for kernel (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/09/2023 Created 03/23/2023 Added 03/22/2023 Modified 01/30/2025 Description A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-173-154-642 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-102-61-139 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2022-2196 AL2/ALASKERNEL-5.10-2023-028 AL2/ALASKERNEL-5.15-2023-015 AL2/ALASKERNEL-5.4-2023-043 CVE - 2022-2196

FreeBSD: VID-3A023570-91AB-11ED-8950-001B217B3468 (CVE-2022-3514): Gitlab -- Multiple Vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 01/09/2023 Created 01/14/2023 Added 01/12/2023 Modified 01/28/2025 Description An issue has been discovered in GitLab CE/EE affecting all versions starting from 6.6 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. An attacker may cause Denial of Service on a GitLab instance by exploiting a regex issue in the submodule URL parser. Solution(s) freebsd-upgrade-package-gitlab-ce References CVE-2022-3514

Debian: CVE-2022-2196: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/09/2023 Created 05/05/2023 Added 05/01/2023 Modified 01/30/2025 Description A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-2196 CVE - 2022-2196 DLA-3404-1

FreeBSD: VID-3A023570-91AB-11ED-8950-001B217B3468 (CVE-2022-4365): Gitlab -- Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 01/09/2023 Created 01/14/2023 Added 01/12/2023 Modified 01/28/2025 Description An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak the sentry token by changing the configured URL in the Sentry error tracking settings page. Solution(s) freebsd-upgrade-package-gitlab-ce References CVE-2022-4365

FreeBSD: VID-3A023570-91AB-11ED-8950-001B217B3468 (CVE-2023-0042): Gitlab -- Multiple Vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 01/09/2023 Created 01/14/2023 Added 01/12/2023 Modified 01/28/2025 Description An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary protocols. Solution(s) freebsd-upgrade-package-gitlab-ce References CVE-2023-0042

Ubuntu: (Multiple Advisories) (CVE-2022-2196): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/09/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/30/2025 Description A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a Solution(s) ubuntu-upgrade-linux-image-5-14-0-1059-oem ubuntu-upgrade-linux-image-5-15-0-1017-gkeop ubuntu-upgrade-linux-image-5-15-0-1026-raspi ubuntu-upgrade-linux-image-5-15-0-1026-raspi-nolpae ubuntu-upgrade-linux-image-5-15-0-1027-ibm ubuntu-upgrade-linux-image-5-15-0-1027-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1029-gke ubuntu-upgrade-linux-image-5-15-0-1030-gke ubuntu-upgrade-linux-image-5-15-0-1030-kvm ubuntu-upgrade-linux-image-5-15-0-1031-gcp ubuntu-upgrade-linux-image-5-15-0-1032-oracle ubuntu-upgrade-linux-image-5-15-0-1033-aws ubuntu-upgrade-linux-image-5-15-0-1035-azure ubuntu-upgrade-linux-image-5-15-0-1035-azure-fde ubuntu-upgrade-linux-image-5-15-0-69-generic ubuntu-upgrade-linux-image-5-15-0-69-generic-64k ubuntu-upgrade-linux-image-5-15-0-69-generic-lpae ubuntu-upgrade-linux-image-5-15-0-69-lowlatency ubuntu-upgrade-linux-image-5-15-0-69-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1029-oem ubuntu-upgrade-linux-image-5-19-0-1015-raspi ubuntu-upgrade-linux-image-5-19-0-1015-raspi-nolpae ubuntu-upgrade-linux-image-5-19-0-1019-gcp ubuntu-upgrade-linux-image-5-19-0-1019-ibm ubuntu-upgrade-linux-image-5-19-0-1019-oracle ubuntu-upgrade-linux-image-5-19-0-1020-kvm ubuntu-upgrade-linux-image-5-19-0-1021-lowlatency ubuntu-upgrade-linux-image-5-19-0-1021-lowlatency-64k ubuntu-upgrade-linux-image-5-19-0-1022-aws ubuntu-upgrade-linux-image-5-19-0-1022-azure ubuntu-upgrade-linux-image-5-19-0-38-generic ubuntu-upgrade-linux-image-5-19-0-38-generic-64k ubuntu-upgrade-linux-image-5-19-0-38-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1023-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1046-ibm ubuntu-upgrade-linux-image-5-4-0-1060-bluefield ubuntu-upgrade-linux-image-5-4-0-1066-gkeop ubuntu-upgrade-linux-image-5-4-0-1082-raspi ubuntu-upgrade-linux-image-5-4-0-1088-kvm ubuntu-upgrade-linux-image-5-4-0-1096-gke ubuntu-upgrade-linux-image-5-4-0-1098-oracle ubuntu-upgrade-linux-image-5-4-0-1099-aws ubuntu-upgrade-linux-image-5-4-0-1102-gcp ubuntu-upgrade-linux-image-5-4-0-1105-azure ubuntu-upgrade-linux-image-5-4-0-146-generic ubuntu-upgrade-linux-image-5-4-0-146-generic-lpae ubuntu-upgrade-linux-image-5-4-0-146-lowlatency ubuntu-upgrade-linux-image-6-0-0-1013-oem ubuntu-upgrade-linux-image-6-1-0-1008-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 References https://attackerkb.com/topics/cve-2022-2196 CVE - 2022-2196 USN-5970-1 USN-5976-1 USN-5977-1 USN-5978-1 USN-5979-1 USN-5980-1 USN-5982-1 USN-5985-1 USN-5987-1 USN-6004-1 USN-6020-1 USN-6151-1 View more

CentOS Linux: CVE-2022-2196: Important: kernel-rt security and bug fix update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/09/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a Solution(s) centos-upgrade-kernel centos-upgrade-kernel-rt References CVE-2022-2196

Huawei EulerOS: CVE-2022-2196: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/09/2023 Created 05/08/2023 Added 05/08/2023 Modified 01/30/2025 Description A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-2196 CVE - 2022-2196 EulerOS-SA-2023-1781

Microsoft Windows: CVE-2023-21758: Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 References https://attackerkb.com/topics/cve-2023-21758 CVE - 2023-21758 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 View more

Microsoft Windows: CVE-2023-21728: Windows Netlogon Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Netlogon Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21728 CVE - 2023-21728 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Microsoft Windows: CVE-2023-21546: Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21546 CVE - 2023-21546 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Microsoft Windows: CVE-2023-21773: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21773 CVE - 2023-21773 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Microsoft Windows: CVE-2023-21679: Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21679 CVE - 2023-21679 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more

Microsoft Windows: CVE-2023-21776: Windows Kernel Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 01/10/2023 Created 01/11/2023 Added 01/10/2023 Modified 01/28/2025 Description Windows Kernel Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5022297 microsoft-windows-windows_10-1607-kb5022289 microsoft-windows-windows_10-1809-kb5022286 microsoft-windows-windows_10-20h2-kb5022282 microsoft-windows-windows_10-21h2-kb5022282 microsoft-windows-windows_10-22h2-kb5022282 microsoft-windows-windows_11-21h2-kb5022287 microsoft-windows-windows_11-22h2-kb5022303 microsoft-windows-windows_server_2012-kb5022343 microsoft-windows-windows_server_2012_r2-kb5022346 microsoft-windows-windows_server_2016-1607-kb5022289 microsoft-windows-windows_server_2019-1809-kb5022286 microsoft-windows-windows_server_2022-21h2-kb5022291 microsoft-windows-windows_server_2022-22h2-kb5022291 msft-kb5022339-1b1341db-9895-4e60-a96e-84273b8dea95 msft-kb5022339-35777b71-2802-4f2b-91e1-e13203ba0c08 msft-kb5022339-40ea1718-9f50-40ac-9ada-a112d865b2cd msft-kb5022339-5e9a8284-c4b5-4360-982d-bae284aed3e6 msft-kb5022339-80c64b1b-d72f-488c-863c-1e09185bf01c msft-kb5022343-0f04bd31-ec93-4206-9552-0fee543e922e msft-kb5022343-bdb9a798-4f73-4434-b83d-bc05cc7cf3e6 msft-kb5022346-6df1459f-4045-41af-ba9d-f5502c438b49 msft-kb5022346-76a19426-a9ba-4152-8778-61707d85c3c1 msft-kb5022353-343ea477-ecec-440c-af2b-d6f1f23fab7a msft-kb5022353-7e6e1829-ce49-4fb1-a038-bd21bcfd6d8a References https://attackerkb.com/topics/cve-2023-21776 CVE - 2023-21776 https://support.microsoft.com/help/5022282 https://support.microsoft.com/help/5022286 https://support.microsoft.com/help/5022287 https://support.microsoft.com/help/5022289 https://support.microsoft.com/help/5022291 https://support.microsoft.com/help/5022297 https://support.microsoft.com/help/5022303 https://support.microsoft.com/help/5022343 https://support.microsoft.com/help/5022346 https://support.microsoft.com/help/5022352 View more