Security Vulnerabilities - CVEs Published In November 2023
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 and 5.0.0 through 5.0.1 and 4.10.0 and 4.9.0 and 4.7.2 allows attacker to execute unauthorized code or commands via crafted API requests.
CVSS Score
9.8
EPSS Score
0.018
Published
2023-11-14
ASP.NET Security Feature Bypass Vulnerability
CVSS Score
8.8
EPSS Score
0.042
Published
2023-11-14
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.002
Published
2023-11-14
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS Score
8.0
EPSS Score
0.01
Published
2023-11-14
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVSS Score
8.0
EPSS Score
0.002
Published
2023-11-14
Windows Hyper-V Elevation of Privilege Vulnerability
CVSS Score
7.0
EPSS Score
0.074
Published
2023-11-14
Microsoft Windows Defender Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.007
Published
2023-11-14
Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.006
Published
2023-11-14
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.178
Published
2023-11-14
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVSS Score
7.6
EPSS Score
0.002
Published
2023-11-14