Microsoft Windows Server 2022 vulnerabilities

CVE-2023-35643 [HIGH] CWE-126 CVE-2023-35643: DHCP Server Service Information Disclosure Vulnerability DHCP Server Service Information Disclosure Vulnerability

CVE-2023-36011 [HIGH] CWE-822 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability

CVE-2023-35630 [HIGH] CWE-122 CVE-2023-35630: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

CVE-2023-36006 [HIGH] CWE-121 CVE-2023-36006: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2023-35639 [HIGH] CWE-122 CVE-2023-35639: Microsoft ODBC Driver Remote Code Execution Vulnerability Microsoft ODBC Driver Remote Code Execution Vulnerability

CVE-2023-35638 [HIGH] CWE-126 CVE-2023-35638: DHCP Server Service Denial of Service Vulnerability DHCP Server Service Denial of Service Vulnerability

CVE-2023-21740 [HIGH] CWE-122 Windows Media Remote Code Execution Vulnerability Windows Media Remote Code Execution Vulnerability Windows Media Remote Code Execution Vulnerability

CVE-2023-36003 [HIGH] CWE-426 CVE-2023-36003: XAML Diagnostics Elevation of Privilege Vulnerability XAML Diagnostics Elevation of Privilege Vulnerability

CVE-2023-36696 [HIGH] CWE-125 CVE-2023-36696: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE-2023-36005 [HIGH] CWE-591 CVE-2023-36005: Windows Telephony Server Elevation of Privilege Vulnerability Windows Telephony Server Elevation of Privilege Vulnerability

CVE-2023-36004 [HIGH] CWE-287 CVE-2023-36004: Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability

CVE-2023-35622 [HIGH] Windows DNS Spoofing Vulnerability Windows DNS Spoofing Vulnerability Windows DNS Spoofing Vulnerability

CVE-2023-36012 [MEDIUM] CWE-908 CVE-2023-36012: DHCP Server Service Information Disclosure Vulnerability DHCP Server Service Information Disclosure Vulnerability

CVE-2023-35642 [MEDIUM] CWE-682 CVE-2023-35642: Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2023-24023 [MEDIUM] CVE-2023-24023: Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.

CVE-2023-36028 [CRITICAL] CWE-122 CVE-2023-36028: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

CVE-2023-36397 [CRITICAL] CWE-126 CVE-2023-36397: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

CVE-2023-36407 [HIGH] CWE-20 CVE-2023-36407: Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2023-36401 [HIGH] CWE-190 CVE-2023-36401: Microsoft Remote Registry Service Remote Code Execution Vulnerability Microsoft Remote Registry Service Remote Code Execution Vulnerability

CVE-2023-36405 [HIGH] CWE-362 CVE-2023-36405: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability