Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
More Stories
USN-6146-1: Netatalk vulnerabilities
It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote...
mariadb-10.5.20-1.fc38
FEDORA-2023-381f23a0ae Packages in this update: mariadb-10.5.20-1.fc38 Update description: MariaDB 10.5.20 Release notes: https://mariadb.com/kb/en/mariadb-10-5-20-release-notes/ Read More
mariadb-10.5.20-1.fc37
FEDORA-2023-b4ff407364 Packages in this update: mariadb-10.5.20-1.fc37 Update description: MariaDB 10.5.20 Release notes: https://mariadb.com/kb/en/mariadb-10-5-20-release-notes/ Read More
Defense in depth — the Microsoft way (part 85): escalation of privilege plus remote code execution with HVCISCAN.exe
Posted by Stefan Kanthak on Jun 07 Hi @ll, about a month ago Microsoft published HVCIScan-{amd,arm}64.exe, a "Tool to check...
LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863
Posted by Qualys Security Advisory via Fulldisclosure on Jun 07 Qualys Security Advisory LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864,...
matrix-synapse-1.85.1-1.fc38
FEDORA-2023-e191040276 Packages in this update: matrix-synapse-1.85.1-1.fc38 Update description: Update to v1.85.1 Update to v1.85.0 Fixes CVE-2023-32682, CVE-2023-32683 Update to v1.84.1...