Vulnerabilities > Microsoft > High

DATE CVE VULNERABILITY TITLE RISK
2023-02-28 CVE-2023-1017 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine.
local
low complexity
trustedcomputinggroup microsoft CWE-787
7.8
2023-02-14 CVE-2023-21823 Integer Overflow or Wraparound vulnerability in Microsoft products
Windows Graphics Component Remote Code Execution Vulnerability
local
low complexity
microsoft CWE-190
7.8
2023-02-14 CVE-2023-21695 Unspecified vulnerability in Microsoft products
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
network
low complexity
microsoft
8.8
2023-02-14 CVE-2023-21703 Unspecified vulnerability in Microsoft Azure Data BOX Gateway and Azure Stack Edge
Azure Data Box Gateway Remote Code Execution Vulnerability
network
low complexity
microsoft
7.2
2023-02-14 CVE-2023-21715 Incorrect Authorization vulnerability in Microsoft 365 Apps
Microsoft Publisher Security Feature Bypass Vulnerability
local
low complexity
microsoft CWE-863
7.3
2023-02-14 CVE-2023-21777 Improper Privilege Management vulnerability in Microsoft Azure APP Service on Azure Stack
Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-269
8.7
2023-02-14 CVE-2023-23376 Out-of-bounds Write vulnerability in Microsoft products
Windows Common Log File System Driver Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-787
7.8
2023-02-12 CVE-2022-38396 Unspecified vulnerability in Microsoft products
HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path.
local
low complexity
microsoft
7.8
2023-01-26 CVE-2022-4510 Path Traversal vulnerability in Microsoft Binwalk
A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included.
local
low complexity
microsoft CWE-22
7.8
2023-01-10 CVE-2023-21674 Use After Free vulnerability in Microsoft products
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-416
8.8