Security
Headlines
HeadlinesLatestCVEs

Tag

#Windows Cryptographic Services

CVE-2023-36906: Windows Cryptographic Services Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.

Microsoft Security Response Center
Open in Source
#vulnerability#web#windows#Windows Cryptographic Services#Security Vulnerability
CVE-2023-36906: Windows Cryptographic Services Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.

CVE-2023-36907: Windows Cryptographic Services Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.

CVE-2023-33174: Windows Cryptographic Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.

CVE-2023-33174: Windows Cryptographic Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.

CVE-2023-23416: Windows Cryptographic Services Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** For successful exploitation, a malicious certificate needs to be imported on an affected system. An attacker could upload a certificate to a service that processes or imports certificates, or an attacker could convince an authenticated user to import a certificate on their system.

CVE-2023-21730: Microsoft Cryptographic Services Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2023-21550: Windows Cryptographic Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Windows cryptographic secrets.

CVE-2023-21540: Windows Cryptographic Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Windows cryptographic secrets.

CVE-2023-21559: Windows Cryptographic Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Windows cryptographic secrets.