Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability.
Microsoft
CVE-2023-21682
Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability.
CVE-2023-21683
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2023-21677, CVE-2023-21758.
CVE-2023-20854
VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim’s machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.
CVE-2023-20858
VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying server operating system.
CVE-2023-21524
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability.