CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2023-35328 Windows Transaction Manager Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-35329 Windows Authentication Denial of Service Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2023-35330 Windows Extended Negotiation Denial of Service Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2023-35331 Windows Local Security Authority (LSA) Denial of Service Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2023-2763 Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SO... | 7.8 | HIGH | — | 0 |
| CVE-2023-35332 Windows Remote Desktop Protocol Security Feature Bypass | 6.8 | MEDIUM | — | 0 |
| CVE-2023-35333 MediaWiki PandocUpload Extension Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2023-35335 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | 8.2 | HIGH | — | 0 |
| CVE-2023-35336 Windows MSHTML Platform Security Feature Bypass Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2023-35337 Win32k Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-32200 There is insufficient restrictions of called script functions in Apache Jena versions 4.8.0 and earlier. It allows a remote user to execute javascript via a SPARQL query. This issue affects Apache J... | 8.8 | HIGH | — | 0 |
| CVE-2023-35338 Windows Peer Name Resolution Protocol Denial of Service Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2023-35339 Windows CryptoAPI Denial of Service Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2023-35340 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-35341 Microsoft DirectMusic Information Disclosure Vulnerability | 6.2 | MEDIUM | — | 0 |
| CVE-2023-38349 PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26. | 8.8 | HIGH | — | 0 |
| CVE-2023-35342 Windows Image Acquisition Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-35343 Windows Geolocation Service Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-35344 Windows DNS Server Remote Code Execution Vulnerability | 6.6 | MEDIUM | — | 0 |
| CVE-2023-35345 Windows DNS Server Remote Code Execution Vulnerability | 6.6 | MEDIUM | — | 0 |
| CVE-2023-37199 A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote code execution when an admin user on DCE tampers with backups which are then manually ... | 6.8 | MEDIUM | — | 0 |
| CVE-2023-35346 Windows DNS Server Remote Code Execution Vulnerability | 6.6 | MEDIUM | — | 0 |
| CVE-2023-35347 Microsoft Install Service Elevation of Privilege Vulnerability | 7.1 | HIGH | — | 0 |
| CVE-2023-35348 Active Directory Federation Service Security Feature Bypass Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2023-35350 Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | 7.2 | HIGH | — | 0 |
| CVE-2023-29984 Null pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3. Processing a specially crafted request may lead an affected product to ... | 7.5 | HIGH | — | 0 |
| CVE-2023-35351 Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | 6.6 | MEDIUM | — | 0 |
| CVE-2023-35352 Windows Remote Desktop Security Feature Bypass Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2023-35353 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-35360 Windows Kernel Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2023-24491 A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the v... | 7.8 | HIGH | — | 0 |
| CVE-2023-35361 Windows Kernel Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2023-35362 Windows Clip Service Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-35363 Windows Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-35364 Windows Kernel Elevation of Privilege Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2023-35365 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 9.8 | CRITICAL | — | 0 |
| CVE-2023-35366 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 9.8 | CRITICAL | — | 0 |
| CVE-2023-35367 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 9.8 | CRITICAL | — | 0 |
| CVE-2023-35373 Mono Authenticode Validation Spoofing Vulnerability | 5.3 | MEDIUM | — | 0 |
| CVE-2023-35374 Paint 3D Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-36536 Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. | 8.2 | HIGH | — | 0 |
| CVE-2023-36537 Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | 7.3 | HIGH | — | 0 |
| CVE-2023-36538 Improper access control in Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. | 8.4 | HIGH | — | 0 |
| CVE-2023-36825 Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards. A vulnerability present starting in version 14.0.0-alpha4 and prior to v... | 9.6 | CRITICAL | — | 0 |
| CVE-2023-36867 Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2023-36868 Azure Service Fabric on Windows Information Disclosure Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2023-36871 Azure Active Directory Security Feature Bypass Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2023-36872 VP9 Video Extensions Information Disclosure Vulnerability | 5.5 | MEDIUM | — | 0 |
| CVE-2023-37271 RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stac... | 8.4 | HIGH | — | 0 |
| CVE-2023-3625 A vulnerability classified as critical was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This vulnerability affects unknown code of the file... | 6.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.