Latest microsoft windows 11 Vulnerabilities

CVE-2023-20596
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
Amd Ryzen 7 5700g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 5 5600g
and 122 more
CVE-2023-20571
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2023-20565
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2023-20563
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2021-46758
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availa...
Amd Ryzen 7 5700g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 5 5600g
and 116 more
CVE-2023-20592
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential lo...
Microsoft Windows 10
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware
Amd Epyc 7251
Microsoft Windows 11
Microsoft Windows 11
and 132 more
CVE-2023-20526
Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.
Microsoft Windows 10<naplespi_1.0.0.h
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware<naplespi_1.0.0.h
Amd Epyc 7251
Microsoft Windows 11<naplespi_1.0.0.h
Microsoft Windows 11
and 140 more
CVE-2023-20521
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of ...
Microsoft Windows 10<naplespi_1.0.0.h
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware<naplespi_1.0.0.h
Amd Epyc 7251
Microsoft Windows 11<naplespi_1.0.0.h
Microsoft Windows 11
and 180 more
CVE-2021-46774
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
Microsoft Windows 10<naplespi_1.0.0.k
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware<naplespi_1.0.0.k
Amd Epyc 7251
Microsoft Windows 11<naplespi_1.0.0.k
Microsoft Windows 11
and 268 more
CVE-2023-20568
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potent...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 118 more
CVE-2023-20567
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature p...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 118 more
CVE-2021-46748
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential d...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 118 more
CVE-2023-36049
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Microsoft .NET Framework=4.8
Microsoft .NET Framework=4.8
Microsoft .NET Framework=3.5=4.6.2=4.7=4.7.1=4.7.2
Microsoft .NET Framework=3.5=4.8.1
Microsoft .NET Framework=4.8
Microsoft .NET Framework=2.0
and 73 more
CVE-2023-36424
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Windows Server 2008
Microsoft Windows Server 2008
Microsoft Windows 11=21H2
Microsoft Windows Server 2012
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
and 51 more
CVE-2023-36400
Windows HMAC Key Derivation Elevation of Privilege Vulnerability
Microsoft Windows Server 2016
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 11=23H2
and 42 more
CVE-2023-36560
ASP.NET Security Feature Bypass Vulnerability
Microsoft .NET Framework=3.5=4.8.1
Microsoft .NET Framework=3.5=4.8.1
Microsoft .NET Framework=3.5
Microsoft .NET Framework=3.5=4.8.1
Microsoft .NET Framework=4.6.2=4.7=4.7.1=4.7.2
Microsoft .NET Framework=3.5=4.8.1
and 56 more
CVE-2023-36423
Microsoft Remote Registry Service Remote Code Execution Vulnerability
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows 11=21H2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012
and 51 more
CVE-2023-36396
Windows Compressed Folder Remote Code Execution Vulnerability
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=22H2
Microsoft Windows 11=23H2
Microsoft Windows 11<10.0.22621.2715
Microsoft Windows 11<10.0.22621.2715
and 2 more
CVE-2023-36399
Windows Storage Elevation of Privilege Vulnerability
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
and 10 more
CVE-2023-36047
Windows Authentication Elevation of Privilege Vulnerability
Microsoft Windows Server 2019
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
and 31 more
CVE-2023-36719
Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows Server 2016
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
and 50 more
CVE-2023-36407
Windows Hyper-V Elevation of Privilege Vulnerability
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
and 10 more
CVE-2023-36403
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2008
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows Server 2012
Microsoft Windows 11=23H2
and 50 more
CVE-2023-36017
Windows Scripting Engine Memory Corruption Vulnerability
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2019
Microsoft Windows 11=22H2
and 51 more
CVE-2023-36398
Windows NTFS Information Disclosure Vulnerability
Microsoft Windows Server 2016
Microsoft Windows 11=23H2
Microsoft Windows Server 2012 R2
Microsoft Windows 11=23H2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012
and 48 more
CVE-2023-36402
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Server 2019
and 56 more
CVE-2023-36408
Windows Hyper-V Elevation of Privilege Vulnerability
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows Server 2019
Microsoft Windows 11=22H2
Microsoft Windows 11=23H2
Microsoft Windows Server 2016
Microsoft Windows Server 2016
and 22 more
CVE-2023-36028
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2016
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
and 42 more
CVE-2023-36394
Windows Search Service Elevation of Privilege Vulnerability
Microsoft Windows Server 2016
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2019
and 33 more
CVE-2023-36427
Windows Hyper-V Elevation of Privilege Vulnerability
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows Server 2019
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 11=21H2
Microsoft Windows Server 2019
and 14 more
CVE-2023-36405
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
Microsoft Windows 11=22H2
Microsoft Windows 11=23H2
Microsoft Windows Server 2016
and 32 more
CVE-2023-36401
Microsoft Remote Registry Service Remote Code Execution Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows Server 2019
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2008
Microsoft Windows Server 2012 R2
and 56 more
CVE-2023-24023
Mitre: CVE-2023-24023 Bluetooth Vulnerability
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2022, 23H2 Edition
and 16 more
CVE-2023-36397
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2008
Microsoft Windows 11=23H2
Microsoft Windows Server 2008
and 56 more
CVE-2023-36425
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows Server 2012
Microsoft Windows 11=23H2
Microsoft Windows Server 2008
and 51 more
CVE-2023-36393
Windows User Interface Application Core Remote Code Execution Vulnerability
Microsoft Windows 11=22H2
Microsoft Windows Server 2008
Microsoft Windows 11=23H2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 11=21H2
and 56 more
CVE-2023-36428
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2012 R2
and 50 more
CVE-2023-36046
Windows Authentication Denial of Service Vulnerability
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=22H2
Microsoft Windows 11=23H2
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
and 8 more
CVE-2023-36406
Windows Hyper-V Information Disclosure Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=23H2
and 8 more
CVE-2023-36705
Windows Installer Elevation of Privilege Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
and 49 more
CVE-2023-36404
Windows Kernel Information Disclosure Vulnerability
Microsoft Windows 11=22H2
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2016
and 32 more
CVE-2023-36033
Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
Microsoft Windows 11=23H2
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
and 33 more
CVE-2023-36036
Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2008
Microsoft Windows 11=23H2
Microsoft Windows Server 2019
Microsoft Windows Server 2012
and 57 more
CVE-2023-36025
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows 11=21H2
Microsoft Windows Server 2019
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
and 57 more
CVE-2023-36605
Windows Named Pipe Filesystem Elevation of Privilege Vulnerability
Microsoft Windows Server 2022
Microsoft Windows 10=21H2
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
Microsoft Windows 10=22H2
Microsoft Windows 10=1809
and 18 more
CVE-2023-36710
Windows Media Foundation Core Remote Code Execution Vulnerability
Microsoft Windows 10=22H2
Microsoft Windows 10=1809
Microsoft Windows 10=21H2
Microsoft Windows 11=22H2
Microsoft Windows Server 2012 R2
Microsoft Windows 10=22H2
and 38 more
CVE-2023-41773
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008
Microsoft Windows 10=1809
Microsoft Windows Server 2008
Microsoft Windows Server 2022
Microsoft Windows Server 2012 R2
and 41 more
CVE-2023-36570
Microsoft Message Queuing Remote Code Execution Vulnerability
Microsoft Windows 11=22H2
Microsoft Windows 10=21H2
Microsoft Windows Server 2019
Microsoft Windows 10
Microsoft Windows 10=1607
Microsoft Windows Server 2022
and 41 more
CVE-2023-36593
Microsoft Message Queuing Remote Code Execution Vulnerability
Microsoft Windows 10=22H2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows 11=22H2
Microsoft Windows Server 2016
Microsoft Windows Server 2022
and 43 more
CVE-2023-36431
Microsoft Message Queuing Denial of Service Vulnerability
Microsoft Windows 10=21H2
Microsoft Windows Server 2008 R2
Microsoft Windows 10=22H2
Microsoft Windows 10=1809
Microsoft Windows Server 2008
Microsoft Windows 11=22H2
and 41 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2023 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203