CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
CVE-2023-21756 | Windows Win32k Elevation of Privilege Vulnerability | Microsoft Graphics Component | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-33148 | Microsoft Office Elevation of Privilege Vulnerability | Microsoft Office | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-33149 | Microsoft Office Graphics Remote Code Execution Vulnerability | Microsoft Graphics Component | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-33150 | Microsoft Office Security Feature Bypass Vulnerability | Microsoft Office | Important | 9.6 | Security Feature Bypass | No | No |
CVE-2023-33151 | Microsoft Outlook Spoofing Vulnerability | Microsoft Office Outlook | Important | 6.5 | Spoofing | No | No |
CVE-2023-33152 | Microsoft ActiveX Remote Code Execution Vulnerability | Microsoft Office Access | Important | 7 | Remote Code Execution | No | No |
CVE-2023-33153 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office Outlook | Important | 6.8 | Remote Code Execution | No | No |
CVE-2023-33165 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | Microsoft Office SharePoint | Important | 4.3 | Security Feature Bypass | No | No |
CVE-2023-33166 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-33167 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-33168 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-33169 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-33172 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-33173 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-33174 | Windows Cryptographic Information Disclosure Vulnerability | Windows Cryptographic Services | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-32033 | Microsoft Failover Cluster Remote Code Execution Vulnerability | Windows Cluster Server | Important | 6.6 | Remote Code Execution | No | No |
CVE-2023-32034 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-32035 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-32037 | Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability | Windows Layer 2 Tunneling Protocol | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-32038 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Windows ODBC Driver | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-32039 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-32040 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-32041 | Windows Update Orchestrator Service Information Disclosure Vulnerability | Windows Update Orchestrator Service | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-32042 | OLE Automation Information Disclosure Vulnerability | Windows OLE | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-32043 | Windows Remote Desktop Security Feature Bypass Vulnerability | Windows Remote Desktop | Important | 6.8 | Security Feature Bypass | No | No |
CVE-2023-32044 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
CVE-2023-32045 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
CVE-2023-32046 | Windows MSHTML Platform Elevation of Privilege Vulnerability | Windows MSHTML Platform | Important | 7.8 | Elevation of Privilege | Yes | No |
CVE-2023-32047 | Paint 3D Remote Code Execution Vulnerability | Paint 3D | Important | 7.8 | Remote Code Execution | No | No |
ADV230002 | Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI Modules | Windows EFI Partition | Important | N/A | Security Feature Bypass | No | No |
CVE-2023-32049 | Windows SmartScreen Security Feature Bypass Vulnerability | Windows SmartScreen | Important | 8.8 | Security Feature Bypass | Yes | No |
CVE-2023-32050 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-32051 | Raw Image Extension Remote Code Execution Vulnerability | Microsoft Windows Codecs Library | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-35313 | Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code Execution Vulnerability | Windows Online Certificate Status Protocol (OCSP) SnapIn | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-35314 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-35315 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | Windows Layer-2 Bridge Network Driver | Critical | 8.8 | Remote Code Execution | No | No |
CVE-2023-35316 | Remote Procedure Call Runtime Information Disclosure Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-35317 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Windows Server Update Service | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35318 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-35319 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-35320 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Windows Connected User Experiences and Telemetry | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35321 | Windows Deployment Services Denial of Service Vulnerability | Windows Deployment Services | Important | 6.5 | Denial of Service | No | No |
CVE-2023-35322 | Windows Deployment Services Remote Code Execution Vulnerability | Windows Deployment Services | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-35323 | Windows OLE Remote Code Execution Vulnerability | Windows Online Certificate Status Protocol (OCSP) SnapIn | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-35324 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-35325 | Windows Print Spooler Information Disclosure Vulnerability | Windows Print Spooler Components | Important | 7.5 | Information Disclosure | No | No |
CVE-2023-35326 | Windows CDP User Components Information Disclosure Vulnerability | Windows CDP User Components | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-35328 | Windows Transaction Manager Elevation of Privilege Vulnerability | Windows Transaction Manager | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35329 | Windows Authentication Denial of Service Vulnerability | Windows Authentication Methods | Important | 6.5 | Denial of Service | No | No |
CVE-2023-35330 | Windows Extended Negotiation Denial of Service Vulnerability | Windows SPNEGO Extended Negotiation | Important | 7.5 | Denial of Service | No | No |
CVE-2023-35331 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Windows Local Security Authority (LSA) | Important | 6.5 | Denial of Service | No | No |
CVE-2023-35332 | Windows Remote Desktop Protocol Security Feature Bypass | Windows Remote Desktop | Important | 6.8 | Security Feature Bypass | No | No |
CVE-2023-35333 | MediaWiki PandocUpload Extension Remote Code Execution Vulnerability | Microsoft Media-Wiki Extensions | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-35336 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Windows MSHTML Platform | Important | 6.5 | Security Feature Bypass | No | No |
CVE-2023-35337 | Win32k Elevation of Privilege Vulnerability | Windows Win32K | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35338 | Windows Peer Name Resolution Protocol Denial of Service Vulnerability | Windows Peer Name Resolution Protocol | Important | 7.5 | Denial of Service | No | No |
CVE-2023-35339 | Windows CryptoAPI Denial of Service Vulnerability | Windows CryptoAPI | Important | 7.5 | Denial of Service | No | No |
CVE-2023-35340 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Windows CNG Key Isolation Service | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35341 | Microsoft DirectMusic Information Disclosure Vulnerability | Windows Media | Important | 6.2 | Information Disclosure | No | No |
CVE-2023-35342 | Windows Image Acquisition Elevation of Privilege Vulnerability | Windows Image Acquisition | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35343 | Windows Geolocation Service Remote Code Execution Vulnerability | Windows Geolocation Service | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-35344 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 6.6 | Remote Code Execution | No | No |
CVE-2023-35345 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 6.6 | Remote Code Execution | No | No |
CVE-2023-35346 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 6.6 | Remote Code Execution | No | No |
CVE-2023-35347 | Microsoft Install Service Elevation of Privilege Vulnerability | Windows App Store | Important | 7.1 | Elevation of Privilege | No | No |
CVE-2023-35348 | Active Directory Federation Service Security Feature Bypass Vulnerability | Azure Active Directory | Important | 7.5 | Security Feature Bypass | No | No |
CVE-2023-35350 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | Windows Active Directory Certificate Services | Important | 7.2 | Remote Code Execution | No | No |
CVE-2023-35351 | Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability | Windows Active Directory Certificate Services | Important | 6.6 | Remote Code Execution | No | No |
CVE-2023-35352 | Windows Remote Desktop Security Feature Bypass Vulnerability | Windows Remote Desktop | Critical | 7.5 | Security Feature Bypass | No | No |
CVE-2023-35353 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Windows Connected User Experiences and Telemetry | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35356 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35357 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35358 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35360 | Windows Kernel Elevation of Privilege Vulnerability | Windows NT OS Kernel | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-35361 | Windows Kernel Elevation of Privilege Vulnerability | Windows NT OS Kernel | Important | 7 | Elevation of Privilege | No | No |
CVE-2023-35362 | Windows Clip Service Elevation of Privilege Vulnerability | Windows Clip Service | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35363 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35364 | Windows Kernel Elevation of Privilege Vulnerability | Windows NT OS Kernel | Important | 8.8 | Elevation of Privilege | No | No |
CVE-2023-35365 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Critical | 9.8 | Remote Code Execution | No | No |
CVE-2023-35366 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Critical | 9.8 | Remote Code Execution | No | No |
CVE-2023-35367 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Critical | 9.8 | Remote Code Execution | No | No |
CVE-2023-36872 | VP9 Video Extensions Information Disclosure Vulnerability | Microsoft Windows Codecs Library | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-36874 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Windows Error Reporting | Important | 7.8 | Elevation of Privilege | Yes | No |
CVE-2023-36884 | Office and Windows HTML Remote Code Execution Vulnerability | Microsoft Office | Important | 8.3 | Remote Code Execution | Yes | Yes |
CVE-2023-21526 | Windows Netlogon Information Disclosure Vulnerability | Windows Netlogon | Important | 7.4 | Information Disclosure | No | No |
ADV230001 | Guidance on Microsoft Signed Drivers Being Used Maliciously | Windows Certificates | None | N/A | Defense in Depth | Yes | No |
CVE-2023-29347 | Windows Admin Center Spoofing Vulnerability | Windows Admin Center | Important | 8.7 | Spoofing | No | No |
CVE-2023-33127 | .NET and Visual Studio Elevation of Privilege Vulnerability | .NET and Visual Studio | Important | 8.1 | Elevation of Privilege | No | No |
CVE-2023-33134 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-33154 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Windows Partition Management Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-33155 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-33156 | Microsoft Defender Elevation of Privilege Vulnerability | Windows Defender | Important | 6.3 | Elevation of Privilege | No | No |
CVE-2023-33157 | Microsoft SharePoint Remote Code Execution Vulnerability | Microsoft Office SharePoint | Critical | 8.8 | Remote Code Execution | No | No |
CVE-2023-33158 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-33159 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft Office SharePoint | Important | 8.8 | Spoofing | No | No |
CVE-2023-33160 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Critical | 8.8 | Remote Code Execution | No | No |
CVE-2023-33161 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-33162 | Microsoft Excel Information Disclosure Vulnerability | Microsoft Office Excel | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-33163 | Windows Network Load Balancing Remote Code Execution Vulnerability | Windows Network Load Balancing | Important | 7.5 | Remote Code Execution | No | No |
CVE-2023-33164 | Remote Procedure Call Runtime Denial of Service Vulnerability | Windows Remote Procedure Call | Important | 6.5 | Denial of Service | No | No |
CVE-2023-33170 | ASP.NET and Visual Studio Security Feature Bypass Vulnerability | ASP.NET and Visual Studio | Important | 8.1 | Security Feature Bypass | No | No |
CVE-2023-33171 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 8.2 | Spoofing | No | No |
CVE-2023-32052 | Microsoft Power Apps Spoofing Vulnerability | Microsoft Power Apps | Important | 5.4 | Spoofing | No | No |
CVE-2023-32053 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-32054 | Volume Shadow Copy Elevation of Privilege Vulnerability | Windows Volume Shadow Copy | Important | 7.3 | Elevation of Privilege | No | No |
CVE-2023-32055 | Active Template Library Elevation of Privilege Vulnerability | Windows Active Template Library | Important | 6.7 | Elevation of Privilege | No | No |
CVE-2023-32056 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Windows Server Update Service | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-32057 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Critical | 9.8 | Remote Code Execution | No | No |
CVE-2023-32083 | Microsoft Failover Cluster Information Disclosure Vulnerability | Windows Failover Cluster | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-32084 | HTTP.sys Denial of Service Vulnerability | Windows HTTP.sys | Important | 7.5 | Denial of Service | No | No |
CVE-2023-32085 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-35296 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-35297 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Windows PGM | Critical | 7.5 | Remote Code Execution | No | No |
CVE-2023-35298 | HTTP.sys Denial of Service Vulnerability | Windows HTTP.sys | Important | 7.5 | Denial of Service | No | No |
CVE-2023-35299 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35300 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Windows Remote Procedure Call | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-35302 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | Microsoft Printer Drivers | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-35303 | USB Audio Class System Driver Remote Code Execution Vulnerability | Microsoft Windows Codecs Library | Important | 8.8 | Remote Code Execution | No | No |
CVE-2023-35304 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35305 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35306 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | Microsoft Printer Drivers | Important | 5.5 | Information Disclosure | No | No |
CVE-2023-35308 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Windows MSHTML Platform | Important | 6.5 | Security Feature Bypass | No | No |
CVE-2023-35309 | Microsoft Message Queuing Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.5 | Remote Code Execution | No | No |
CVE-2023-35310 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 6.6 | Remote Code Execution | No | No |
CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability | Microsoft Office Outlook | Important | 8.8 | Security Feature Bypass | Yes | No |
CVE-2023-35312 | Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability | Windows VOLSNAP.SYS | Important | 7.8 | Elevation of Privilege | No | No |
CVE-2023-35335 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 8.2 | Spoofing | No | No |
CVE-2023-35373 | Mono Authenticode Validation Spoofing Vulnerability | Mono Authenticode | Important | 5.3 | Spoofing | No | No |
CVE-2023-35374 | Paint 3D Remote Code Execution Vulnerability | Paint 3D | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36867 | Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | Visual Studio Code | Important | 7.8 | Remote Code Execution | No | No |
CVE-2023-36868 | Azure Service Fabric on Windows Information Disclosure Vulnerability | Service Fabric | Important | 6.5 | Information Disclosure | No | No |
CVE-2023-36871 | Azure Active Directory Security Feature Bypass Vulnerability | Azure Active Directory | Important | 6.5 | Security Feature Bypass |