Latest microsoft windows server 2022 Vulnerabilities

CVE-2023-20596
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
Amd Ryzen 7 5700g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 5 5600g
and 122 more
CVE-2023-20571
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2023-20565
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2023-20563
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2021-46758
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availa...
Amd Ryzen 7 5700g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 5 5600g
and 116 more
CVE-2023-20533
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
Amd Epyc 7232p Firmware<romepi_1.0.0.d
Amd Epyc 7232p
Amd Epyc 7252 Firmware<romepi_1.0.0.d
Amd Epyc 7252
Amd Epyc 7262 Firmware<romepi_1.0.0.d
Amd Epyc 7262
and 165 more
CVE-2023-20521
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of ...
Microsoft Windows 10<naplespi_1.0.0.h
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware<naplespi_1.0.0.h
Amd Epyc 7251
Microsoft Windows 11<naplespi_1.0.0.h
Microsoft Windows 11
and 180 more
CVE-2021-46774
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
Microsoft Windows 10<naplespi_1.0.0.k
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware<naplespi_1.0.0.k
Amd Epyc 7251
Microsoft Windows 11<naplespi_1.0.0.k
Microsoft Windows 11
and 268 more
CVE-2023-36399
Windows Storage Elevation of Privilege Vulnerability
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
and 10 more
CVE-2023-36049
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Microsoft .NET Framework=4.8
Microsoft .NET Framework=4.8
Microsoft .NET Framework=3.5=4.6.2=4.7=4.7.1=4.7.2
Microsoft .NET Framework=3.5=4.8.1
Microsoft .NET Framework=4.8
Microsoft .NET Framework=2.0
and 73 more
CVE-2023-36424
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Windows Server 2008
Microsoft Windows Server 2008
Microsoft Windows 11=21H2
Microsoft Windows Server 2012
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
and 51 more
CVE-2023-36392
DHCP Server Service Denial of Service Vulnerability
Microsoft Windows Server 2016
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2019
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
and 10 more
CVE-2023-36400
Windows HMAC Key Derivation Elevation of Privilege Vulnerability
Microsoft Windows Server 2016
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 11=23H2
and 42 more
CVE-2023-36560
ASP.NET Security Feature Bypass Vulnerability
Microsoft .NET Framework=3.5=4.8.1
Microsoft .NET Framework=3.5=4.8.1
Microsoft .NET Framework=3.5
Microsoft .NET Framework=3.5=4.8.1
Microsoft .NET Framework=4.6.2=4.7=4.7.1=4.7.2
Microsoft .NET Framework=3.5=4.8.1
and 56 more
CVE-2023-36423
Microsoft Remote Registry Service Remote Code Execution Vulnerability
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows 11=21H2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012
and 51 more
CVE-2023-36047
Windows Authentication Elevation of Privilege Vulnerability
Microsoft Windows Server 2019
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
and 31 more
CVE-2023-36719
Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows Server 2016
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
and 50 more
CVE-2023-36407
Windows Hyper-V Elevation of Privilege Vulnerability
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
and 10 more
CVE-2023-36403
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2008
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows Server 2012
Microsoft Windows 11=23H2
and 50 more
CVE-2023-36395
Windows Deployment Services Denial of Service Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Windows Server 2008
and 18 more
CVE-2023-36017
Windows Scripting Engine Memory Corruption Vulnerability
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2019
Microsoft Windows 11=22H2
and 51 more
CVE-2023-36398
Windows NTFS Information Disclosure Vulnerability
Microsoft Windows Server 2016
Microsoft Windows 11=23H2
Microsoft Windows Server 2012 R2
Microsoft Windows 11=23H2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012
and 48 more
CVE-2023-36402
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Server 2019
and 56 more
CVE-2023-36408
Windows Hyper-V Elevation of Privilege Vulnerability
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows Server 2019
Microsoft Windows 11=22H2
Microsoft Windows 11=23H2
Microsoft Windows Server 2016
Microsoft Windows Server 2016
and 22 more
CVE-2023-36028
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2016
Microsoft Windows 11=23H2
Microsoft Windows 11=23H2
and 42 more
CVE-2023-36394
Windows Search Service Elevation of Privilege Vulnerability
Microsoft Windows Server 2016
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2019
and 33 more
CVE-2023-36427
Windows Hyper-V Elevation of Privilege Vulnerability
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows Server 2019
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 11=21H2
Microsoft Windows Server 2019
and 14 more
CVE-2023-36405
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
Microsoft Windows 11=22H2
Microsoft Windows 11=23H2
Microsoft Windows Server 2016
and 32 more
CVE-2023-36401
Microsoft Remote Registry Service Remote Code Execution Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows Server 2019
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2008
Microsoft Windows Server 2012 R2
and 56 more
CVE-2023-24023
Mitre: CVE-2023-24023 Bluetooth Vulnerability
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2022, 23H2 Edition
and 16 more
CVE-2023-36397
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2008
Microsoft Windows 11=23H2
Microsoft Windows Server 2008
and 56 more
CVE-2023-36425
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows Server 2012
Microsoft Windows 11=23H2
Microsoft Windows Server 2008
and 51 more
CVE-2023-36393
Windows User Interface Application Core Remote Code Execution Vulnerability
Microsoft Windows 11=22H2
Microsoft Windows Server 2008
Microsoft Windows 11=23H2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 11=21H2
and 56 more
CVE-2023-36428
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2012 R2
and 50 more
CVE-2023-36046
Windows Authentication Denial of Service Vulnerability
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=22H2
Microsoft Windows 11=23H2
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
and 8 more
CVE-2023-36406
Windows Hyper-V Information Disclosure Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=22H2
Microsoft Windows 11=23H2
and 8 more
CVE-2023-36705
Windows Installer Elevation of Privilege Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
and 49 more
CVE-2023-36404
Windows Kernel Information Disclosure Vulnerability
Microsoft Windows 11=22H2
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2016
and 32 more
CVE-2023-36033
Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
Microsoft Windows 11=23H2
Microsoft Windows Server 2019
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
and 33 more
CVE-2023-36036
Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2008
Microsoft Windows 11=23H2
Microsoft Windows Server 2019
Microsoft Windows Server 2012
and 57 more
CVE-2023-36025
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows 11=21H2
Microsoft Windows Server 2019
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
and 57 more
CVE-2023-39281
A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.
Insyde InsydeH2O=05.45.24.0039
Intel B760
Intel C262
Intel C266
Intel Core I3-1305u
Intel Core I3-13100
and 283 more
CVE-2023-20598
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addre...
AMD Radeon Software<23.9.2
Amd Radeon Rx 5300
Amd Radeon Rx 5300 Xt
Amd Radeon Rx 5300m
Amd Radeon Rx 5500
Amd Radeon Rx 5500 Xt
and 102 more
CVE-2023-38159
Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows 10=1809
Microsoft Windows Server 2022
Microsoft Windows 10=21H2
Microsoft Windows 10=22H2
and 27 more
CVE-2023-36709
Microsoft AllJoyn API Denial of Service Vulnerability
Microsoft Windows Server 2019
Microsoft Windows 10=22H2
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
and 27 more
CVE-2023-36729
Named Pipe File System Elevation of Privilege Vulnerability
Microsoft Windows Server 2016
Microsoft Windows 10=22H2
Microsoft Windows 10=1809
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2019
Microsoft Windows 10=1809
and 32 more
CVE-2023-36717
Windows Virtual Trusted Platform Module Denial of Service Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows Server 2022
Microsoft Windows 10=22H2
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows 10=1607
and 19 more
CVE-2023-36725
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows 10=22H2
Microsoft Windows Server 2019
Microsoft Windows Server 2019
Microsoft Windows 11=22H2
Microsoft Windows Server 2022
Microsoft Windows 10=22H2
and 18 more
CVE-2023-36572
Microsoft Message Queuing Remote Code Execution Vulnerability
Microsoft Windows Server 2008
Microsoft Windows Server 2022
Microsoft Windows 11=21H2
Microsoft Windows 10
Microsoft Windows 10=22H2
Microsoft Windows 10=21H2
and 41 more
CVE-2023-36594
Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft Windows 11=22H2
Microsoft Windows 10=21H2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2008
Microsoft Windows 10=21H2
and 50 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2023 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203