Security Vulnerabilities - CVEs Published In July 2023
Paint 3D Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.008
Published
2023-07-11
Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
CVSS Score
8.2
EPSS Score
0.001
Published
2023-07-11
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
CVSS Score
7.3
EPSS Score
0.0
Published
2023-07-11
Improper access control in Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.
CVSS Score
8.4
EPSS Score
0.0
Published
2023-07-11
Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards. A vulnerability present starting in version 14.0.0-alpha4 and prior to version 14.5.0 is related to the deserialization of untrusted data from the `_state` query parameter, which can result in remote code execution. The issue has been addressed in version 14.5.0. Users are advised to upgrade their software to this version or any subsequent versions that include the patch. There are no known workarounds.
CVSS Score
9.6
EPSS Score
0.054
Published
2023-07-11
Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2023-07-11
Azure Service Fabric on Windows Information Disclosure Vulnerability
CVSS Score
6.5
EPSS Score
0.001
Published
2023-07-11
Azure Active Directory Security Feature Bypass Vulnerability
CVSS Score
6.5
EPSS Score
0.003
Published
2023-07-11
VP9 Video Extensions Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.003
Published
2023-07-11
CVE-2023-36874
Windows Error Reporting Service Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.63
Published
2023-07-11