Skip to main content
CVE-2023-21768 HIGH POC THREAT Act Now

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Windows 11 Windows Server 2022
NVD GitHub
CVSS 3.1
7.8
EPSS
65.4%
CVE-2023-22895 HIGH POC PATCH This Week

The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Bzip2
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-21752 HIGH POC This Week

Windows Backup Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows 11 Windows 7
NVD Exploit-DB
CVSS 3.1
7.1
EPSS
5.3%
CVE-2023-21744 HIGH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Deserialization Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2023-21742 HIGH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Authentication Bypass Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
8.8
EPSS
55.8%
CVE-2023-21732 HIGH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-21681 HIGH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-21676 HIGH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 1809 Windows 10 20H2 Windows 10 21h2 +5
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-21674 HIGH KEV PATCH THREAT This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
41.5%
CVE-2023-21549 HIGH This Week

Windows SMB Witness Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 20H2 +11
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-0138 HIGH This Week

Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Google Chrome
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-0137 HIGH This Week

Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Google Chrome
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-0136 HIGH This Week

Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-0135 HIGH This Week

Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Google Chrome
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-0134 HIGH This Week

Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Google Chrome
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-0129 HIGH This Week

Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Google Chrome
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-0128 HIGH This Week

Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Google Chrome
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-0022 HIGH This Week

SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated attacker to inject malicious code that can be executed by the application over the network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP RCE Code Injection Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-0016 HIGH This Week

SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP SQLi Business Planning And Consolidation
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-21679 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free RCE Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21556 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow RCE Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2023-21555 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21548 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21546 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +12
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21543 HIGH This Week

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Denial Of Service Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.1
EPSS
1.7%
CVE-2023-21535 HIGH This Week

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Microsoft Windows 10 1607 Windows 10 1809 Windows 10 20H2 +11
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2023-21762 HIGH This Week

Microsoft Exchange Server Spoofing Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Deserialization Exchange Server
NVD
CVSS 3.1
8.0
EPSS
1.6%
CVE-2023-21745 HIGH This Week

Microsoft Exchange Server Spoofing Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Deserialization Exchange Server
NVD
CVSS 3.1
8.0
EPSS
1.5%
CVE-2023-21793 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21792 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21791 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21790 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21789 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21788 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21787 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21786 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21785 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21784 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21783 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-21782 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21781 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21780 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-21779 HIGH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2023-21774 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21773 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21772 HIGH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-21767 HIGH This Week

Windows Overlay Filter Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 11 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21765 HIGH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Microsoft Windows 10 Windows 11 +8
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-21764 HIGH This Week

Microsoft Exchange Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Exchange Server
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-21763 HIGH This Week

Microsoft Exchange Server Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Exchange Server
NVD
CVSS 3.1
7.8
EPSS
0.6%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy