ISHACK AI BOT

Microsoft Edge Chromium: CVE-2023-6112 Use after free in Navigation Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/15/2023 Created 11/18/2023 Added 11/17/2023 Modified 01/28/2025 Description Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-6112 CVE - 2023-6112 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-6112

Microsoft Exchange: CVE-2023-36035: Microsoft Exchange Server Spoofing Vulnerability Severity 8 CVSS (AV:A/AC:L/Au:S/C:C/I:C/A:C) Published 11/15/2023 Created 11/15/2023 Added 11/15/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-36035: Microsoft Exchange Server Spoofing Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5032147 microsoft-exchange-exchange_server_2019_CU12-kb5032146 microsoft-exchange-exchange_server_2019_CU13-kb5032146 References https://attackerkb.com/topics/cve-2023-36035 CVE - 2023-36035 https://support.microsoft.com/help/5032146 https://support.microsoft.com/help/5032147

Microsoft Exchange: CVE-2023-36439: Microsoft Exchange Server Remote Code Execution Vulnerability Severity 8 CVSS (AV:A/AC:L/Au:S/C:C/I:C/A:C) Published 11/15/2023 Created 11/15/2023 Added 11/15/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-36439: Microsoft Exchange Server Remote Code Execution Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5032147 microsoft-exchange-exchange_server_2019_CU12-kb5032146 microsoft-exchange-exchange_server_2019_CU13-kb5032146 References https://attackerkb.com/topics/cve-2023-36439 CVE - 2023-36439 https://support.microsoft.com/help/5032146 https://support.microsoft.com/help/5032147

Microsoft Exchange: CVE-2023-36039: Microsoft Exchange Server Spoofing Vulnerability Severity 8 CVSS (AV:A/AC:L/Au:S/C:C/I:C/A:C) Published 11/15/2023 Created 11/15/2023 Added 11/15/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-36039: Microsoft Exchange Server Spoofing Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5032147 microsoft-exchange-exchange_server_2019_CU12-kb5032146 microsoft-exchange-exchange_server_2019_CU13-kb5032146 References https://attackerkb.com/topics/cve-2023-36039 CVE - 2023-36039 https://support.microsoft.com/help/5032146 https://support.microsoft.com/help/5032147

Debian: CVE-2023-5997: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/15/2023 Created 11/21/2023 Added 11/20/2023 Modified 01/28/2025 Description Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-5997 CVE - 2023-5997 DSA-5556-1

VideoLAN-SB-VLC-3020: Vulnerability fixed in VLC media player Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/15/2023 Created 11/16/2023 Added 11/15/2023 Modified 11/15/2023 Description A denial of service could be triggered with a maliciously crafted mms stream (out-of-bounds write) Solution(s) videolan-vlc-upgrade-3_0_20

Microsoft Exchange: CVE-2023-36050: Microsoft Exchange Server Spoofing Vulnerability Severity 8 CVSS (AV:A/AC:L/Au:S/C:C/I:C/A:C) Published 11/15/2023 Created 11/15/2023 Added 11/15/2023 Modified 01/28/2025 Description Microsoft Exchange: CVE-2023-36050: Microsoft Exchange Server Spoofing Vulnerability Solution(s) microsoft-exchange-exchange_server_2016_CU23-kb5032147 microsoft-exchange-exchange_server_2019_CU12-kb5032146 microsoft-exchange-exchange_server_2019_CU13-kb5032146 References https://attackerkb.com/topics/cve-2023-36050 CVE - 2023-36050 https://support.microsoft.com/help/5032146 https://support.microsoft.com/help/5032147

APSB23-54:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-44359) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-44359 CVE - 2023-44359 https://helpx.adobe.com/security/products/reader/apsb23-54.html

SUSE: CVE-2022-23830: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 11/14/2023 Created 12/08/2023 Added 12/07/2023 Modified 01/28/2025 Description SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity. Solution(s) suse-upgrade-kernel-firmware suse-upgrade-kernel-firmware-all suse-upgrade-kernel-firmware-amdgpu suse-upgrade-kernel-firmware-ath10k suse-upgrade-kernel-firmware-ath11k suse-upgrade-kernel-firmware-atheros suse-upgrade-kernel-firmware-bluetooth suse-upgrade-kernel-firmware-bnx2 suse-upgrade-kernel-firmware-brcm suse-upgrade-kernel-firmware-chelsio suse-upgrade-kernel-firmware-dpaa2 suse-upgrade-kernel-firmware-i915 suse-upgrade-kernel-firmware-intel suse-upgrade-kernel-firmware-iwlwifi suse-upgrade-kernel-firmware-liquidio suse-upgrade-kernel-firmware-marvell suse-upgrade-kernel-firmware-media suse-upgrade-kernel-firmware-mediatek suse-upgrade-kernel-firmware-mellanox suse-upgrade-kernel-firmware-mwifiex suse-upgrade-kernel-firmware-network suse-upgrade-kernel-firmware-nfp suse-upgrade-kernel-firmware-nvidia suse-upgrade-kernel-firmware-platform suse-upgrade-kernel-firmware-prestera suse-upgrade-kernel-firmware-qcom suse-upgrade-kernel-firmware-qlogic suse-upgrade-kernel-firmware-radeon suse-upgrade-kernel-firmware-realtek suse-upgrade-kernel-firmware-serial suse-upgrade-kernel-firmware-sound suse-upgrade-kernel-firmware-ti suse-upgrade-kernel-firmware-ueagle suse-upgrade-kernel-firmware-usb-network suse-upgrade-ucode-amd References https://attackerkb.com/topics/cve-2022-23830 CVE - 2022-23830

FreeBSD: VID-7CC003CB-83B9-11EE-957D-B42E991FC52E (CVE-2023-47127): typo3 -- Multiple vulnerabilities Severity 6 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 11/14/2023 Created 11/18/2023 Added 11/16/2023 Modified 01/28/2025 Description TYPO3 is an open source PHP based web content management system released under the GNU GPL. In typo3 installations there are always at least two different sites. Eg. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can be reused on the second site without requiring additional authentication. This vulnerability has been addressed in versions 8.7.55, 9.5.44, 10.4.41, 11.5.33, and 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) freebsd-upgrade-package-typo3-11 freebsd-upgrade-package-typo3-12 References CVE-2023-47127

Adobe Photoshop: CVE-2023-44332: Security updates available for Adobe Photoshop (APSB23-56) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 04/29/2024 Added 03/04/2024 Modified 12/18/2024 Description Adobe has released an update for Photoshop for Windows and macOS. This update resolves critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-photoshop-upgrade-latest References https://attackerkb.com/topics/cve-2023-44332 CVE - 2023-44332 https://helpx.adobe.com/security/products/photoshop/apsb23-56.html

FreeBSD: VID-7CC003CB-83B9-11EE-957D-B42E991FC52E (CVE-2023-47126): typo3 -- Multiple vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 11/14/2023 Created 11/18/2023 Added 11/16/2023 Modified 01/28/2025 Description TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions the login screen of the standalone install tool discloses the full path of the transient data directory (e.g. /var/www/html/var/transient/). This applies to composer-based scenarios only - “classic” non-composer installations are not affected. This issue has been addressed in version 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) freebsd-upgrade-package-typo3-11 freebsd-upgrade-package-typo3-12 References CVE-2023-47126

Fortinet FortiAnalyzer: Unspecified Security Vulnerability (CVE-2023-40719) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 11/14/2023 Created 11/23/2023 Added 11/22/2023 Modified 01/28/2025 Description A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials. Solution(s) fortinet-fortianalyzer-upgrade-latest References https://attackerkb.com/topics/cve-2023-40719 CVE - 2023-40719 https://fortiguard.com/psirt/FG-IR-23-177

Debian: CVE-2023-20592: amd64-microcode -- security update Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:C/A:N) Published 11/14/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. Solution(s) debian-upgrade-amd64-microcode References https://attackerkb.com/topics/cve-2023-20592 CVE - 2023-20592

Microsoft Windows Defender Elevation of Privilege Vulnerability (CVE-2023-36422) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 01/28/2025 Description Microsoft Windows Defender Elevation of Privilege Vulnerability Solution(s) windows-defender-upgrade-latest References https://attackerkb.com/topics/cve-2023-36422 CVE - 2023-36422 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-36422

Amazon Linux 2023: CVE-2023-23583: Important priority package update for microcode_ctl Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. A security vulnerability was found in some Intel processors. Execution of REP MOVSB instructions with a redundant REX prefix may result in execution continuing at an incorrect EIP address after a micro-architectural event occurs, potentially allowing privilege escalation, information disclosure and/or a denial of service via local access. Solution(s) amazon-linux-2023-upgrade-microcode-ctl References https://attackerkb.com/topics/cve-2023-23583 CVE - 2023-23583 https://alas.aws.amazon.com/AL2023/ALAS-2023-436.html

Red Hat OpenShift: CVE-2023-5528: kubernetes: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 12/08/2023 Added 12/07/2023 Modified 01/28/2025 Description A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes. Solution(s) linuxrpm-upgrade-openshift4-wincw-windows-machine-config-rhel8-operator linuxrpm-upgrade-openshift4-wincw-windows-machine-config-rhel9-operator References https://attackerkb.com/topics/cve-2023-5528 CVE - 2023-5528 RHSA-2023:7662 RHSA-2023:7709 RHSA-2023:7710 RHSA-2024:0954 RHSA-2024:1203

Debian: CVE-2023-6111: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times. We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-6111 CVE - 2023-6111

Microsoft Windows: CVE-2023-36399: Windows Storage Elevation of Privilege Vulnerability Severity 6 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 07/22/2024 Description Windows Storage Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 References https://attackerkb.com/topics/cve-2023-36399 CVE - 2023-36399 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032202

Microsoft Windows: CVE-2023-36406: Windows Hyper-V Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 07/22/2024 Description Windows Hyper-V Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 References https://attackerkb.com/topics/cve-2023-36406 CVE - 2023-36406 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032202

Microsoft Windows: CVE-2023-36046: Windows Authentication Denial of Service Vulnerability Severity 6 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 07/11/2024 Description Windows Authentication Denial of Service Vulnerability Solution(s) microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2022-23h2-kb5032202 References https://attackerkb.com/topics/cve-2023-36046 CVE - 2023-36046 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032202

Microsoft Windows: CVE-2023-36424: Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 09/06/2024 Description Windows Common Log File System Driver Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5032199 microsoft-windows-windows_10-1607-kb5032197 microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2012-kb5032247 microsoft-windows-windows_server_2012_r2-kb5032249 microsoft-windows-windows_server_2016-1607-kb5032197 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 msft-kb5032248-06a12477-d077-4fd3-8043-74c85e3d34cc msft-kb5032248-558aba2e-6f78-4637-bcc8-7120eefb8770 msft-kb5032250-2671b498-e9e2-44dc-b130-30770b02e3f4 References https://attackerkb.com/topics/cve-2023-36424 CVE - 2023-36424 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032197 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032199 https://support.microsoft.com/help/5032202 https://support.microsoft.com/help/5032247 https://support.microsoft.com/help/5032249 View more

Microsoft Windows: CVE-2023-36033: Windows DWM Core Library Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 08/07/2024 Description Windows DWM Core Library Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 References https://attackerkb.com/topics/cve-2023-36033 CVE - 2023-36033 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032202 View more

Microsoft CVE-2023-36049: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:S/C:P/I:C/A:P) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 10/01/2024 Description Microsoft CVE-2023-36049: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability Solution(s) msft-kb5031984-433e3137-8a26-4d7a-8bcb-7513377c6075 msft-kb5031984-a9946e0d-1914-439f-8900-6018a4f28c6d msft-kb5031984-cab4ff71-44ba-4f8e-81ad-d8e30a329fd0 msft-kb5031985-61c8af7a-3e3c-4450-b720-49306c9c8f89 msft-kb5031986-324a1004-b9b3-4f2f-bd94-c9f0537dca5a msft-kb5031987-9975c45e-1267-4183-9ecd-ff5415df3fa4 msft-kb5031987-c6c33d6a-f902-4334-9ec3-6bcf225b7fa4 msft-kb5031987-f178a4f4-0c47-4249-bce4-366cfcc17c7b msft-kb5031989-4ce5dabd-757f-42dc-9f9c-83e1d6a3d7d4 msft-kb5031989-ded43933-708a-4a44-b041-f469e1be5634 msft-kb5031989-f52e66f4-656f-47c8-91c1-2ebff5f6e929 msft-kb5031990-0d5993f9-5c5a-4d92-926e-0c448a92c6c7 msft-kb5031990-60e7b103-48e8-41c7-a7c5-f7e290477218 msft-kb5031990-ee744fbc-c350-464d-953a-d503a50bcb20 msft-kb5031991-67473b4a-911c-434a-8bc7-826117ed5f28 msft-kb5031992-739bee89-761a-404d-b139-db4f17deec07 msft-kb5031993-38ad339f-1ac3-46ac-bac9-b5fec4656c0f msft-kb5031993-e3fce25d-0330-4dea-a821-b5ec16fa7a05 msft-kb5031994-662c1c61-4321-420d-9363-7d242e4e2843 msft-kb5031995-d8c452a6-cd28-4ae6-bde1-270392087871 msft-kb5031998-4d769bf8-bafe-44b1-8c90-0e0d7943d92e msft-kb5031999-6d5baada-4d8d-4b38-8360-1daaf0edc13e msft-kb5031999-886e6465-7979-4b6b-901a-e7cf9cbf7775 msft-kb5032000-c4bfc986-d2a3-413d-bcf2-bdfe2a790aa3 msft-kb5032001-b145be4e-f521-4216-a07c-f9912dad6417 msft-kb5032004-0614fa73-dbe1-4cc7-bb71-c28acab7b35b msft-kb5032006-33f65e6f-9649-4d06-b323-5228914e0318 msft-kb5032007-5ec9da23-a4a7-4789-841c-bb4697f584d4 msft-kb5032008-18c27df8-ad8b-48ba-8380-998339acaea3 msft-kb5032008-e90858c6-3071-42eb-bc45-f11f10184020 msft-kb5032009-247eb4d7-62f2-426b-a604-a844aaa1afa3 msft-kb5032009-28d5df30-e36e-4acd-a6ff-1446f5203b27 msft-kb5032009-53ae93ac-4b7e-4aa6-bc06-a4b38ccae11d msft-kb5032010-fdc56324-d50c-46d0-924e-c89181152adc msft-kb5032011-166235cb-08a5-424f-bcb0-46aac7f7c986 msft-kb5032011-8fc524c8-57c6-4d09-abc4-469855087c97 msft-kb5032012-99562c15-735d-4f0b-84ff-13c5cfb99ccf msft-kb5032197-01f50d2b-8e36-4e09-8525-c159c263ff14 msft-kb5032197-80bdc166-b91b-4627-a5e9-563bcb64a228 msft-kb5032199-41b12843-a97e-4d53-8c89-be47dbeed25f msft-kb5032199-7797b654-de84-42ca-be70-51d296209d44 References https://attackerkb.com/topics/cve-2023-36049 CVE - 2023-36049 5031984 5031985 5031986 5031987 5031988 5031989 5031990 5031991 5031992 5031993 5031994 5031995 5031998 5031999 5032000 5032001 5032004 5032005 5032006 5032007 5032008 5032009 5032010 5032011 5032012 5032185 5032186 5032197 5032199 5032336 5032337 5032338 5032339 5032340 5032341 5032342 5032343 5032344 5032883 5032884 View more

Microsoft Windows: CVE-2023-36404: Windows Kernel Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 08/07/2024 Description Windows Kernel Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1607-kb5032197 microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2016-1607-kb5032197 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 References https://attackerkb.com/topics/cve-2023-36404 CVE - 2023-36404 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032197 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032202 View more