Vulnerabilities > Microsoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-20569 Information Exposure Through Discrepancy vulnerability in multiple products
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction.
local
high complexity
fedoraproject debian amd microsoft CWE-203
4.7
4.7
2023-08-08 CVE-2023-20588 Divide By Zero vulnerability in multiple products
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 
local
low complexity
debian amd xen fedoraproject microsoft CWE-369
5.5
5.5
2023-08-08 CVE-2023-35384 Unspecified vulnerability in Microsoft products
Windows HTML Platforms Security Feature Bypass Vulnerability
network
low complexity
microsoft
6.5
6.5
2023-08-08 CVE-2023-36897 Unspecified vulnerability in Microsoft products
Visual Studio Tools for Office Runtime Spoofing Vulnerability
network
low complexity
microsoft
6.5
6.5
2023-08-08 CVE-2023-36908 Unspecified vulnerability in Microsoft products
Windows Hyper-V Information Disclosure Vulnerability
low complexity
microsoft
6.5
6.5
2023-07-18 CVE-2023-37139 Out-of-bounds Write vulnerability in Microsoft Chakracore
ChakraCore branch master cbb9b was discovered to contain a stack overflow vulnerability via the function Js::ScopeSlots::IsDebuggerScopeSlotArray().
local
low complexity
microsoft CWE-787
5.5
5.5
2023-07-18 CVE-2023-37140 Resource Exhaustion vulnerability in Microsoft Chakracore
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::DiagScopeVariablesWalker::GetChildrenCount().
local
low complexity
microsoft CWE-400
5.5
5.5
2023-07-18 CVE-2023-37141 Resource Exhaustion vulnerability in Microsoft Chakracore
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::ProfilingHelpers::ProfiledNewScArray().
local
low complexity
microsoft CWE-400
5.5
5.5
2023-07-18 CVE-2023-37142 Resource Exhaustion vulnerability in Microsoft Chakracore
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::EntryPointInfo::HasInlinees().
local
low complexity
microsoft CWE-400
5.5
5.5
2023-07-18 CVE-2023-37143 Resource Exhaustion vulnerability in Microsoft Chakracore
ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function BackwardPass::IsEmptyLoopAfterMemOp().
local
low complexity
microsoft CWE-400
5.5
5.5