Microsoft June 2023 Patch Tuesday fixes 78 flaws, 38 RCE bugs Cybernoz June 13, 2023 Posted in Bleeping Computer Tag CVE ID CVE Title Severity .NET and Visual Studio CVE-2023-24895 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability Important .NET and Visual Studio CVE-2023-33126 .NET and Visual Studio Remote Code Execution Vulnerability Important .NET and Visual Studio CVE-2023-24936 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability Moderate .NET and Visual Studio CVE-2023-33135 .NET and Visual Studio Elevation of Privilege Vulnerability Important .NET and Visual Studio CVE-2023-32032 .NET and Visual Studio Elevation of Privilege Vulnerability Important .NET and Visual Studio CVE-2023-32030 .NET and Visual Studio Denial of Service Vulnerability Important .NET and Visual Studio CVE-2023-33128 .NET and Visual Studio Remote Code Execution Vulnerability Important .NET and Visual Studio CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability Critical .NET Core CVE-2023-29331 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability Important .NET Framework CVE-2023-29326 .NET Framework Remote Code Execution Vulnerability Important ASP .NET CVE-2023-33141 Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability Important Azure DevOps CVE-2023-21569 Azure DevOps Server Spoofing Vulnerability Important Azure DevOps CVE-2023-21565 Azure DevOps Server Spoofing Vulnerability Important Microsoft Dynamics CVE-2023-24896 Dynamics 365 Finance Spoofing Vulnerability Important Microsoft Edge (Chromium-based) CVE-2023-2941 Chromium: CVE-2023-2941 Inappropriate implementation in Extensions API Unknown Microsoft Edge (Chromium-based) CVE-2023-33145 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Important Microsoft Edge (Chromium-based) CVE-2023-2937 Chromium: CVE-2023-2937 Inappropriate implementation in Picture In Picture Unknown Microsoft Edge (Chromium-based) CVE-2023-2936 Chromium: CVE-2023-2936 Type Confusion in V8 Unknown Microsoft Edge (Chromium-based) CVE-2023-2935 Chromium: CVE-2023-2935 Type Confusion in V8 Unknown Microsoft Edge (Chromium-based) CVE-2023-2940 Chromium: CVE-2023-2940 Inappropriate implementation in Downloads Unknown Microsoft Edge (Chromium-based) CVE-2023-2939 Chromium: CVE-2023-2939 Insufficient data validation in Installer Unknown Microsoft Edge (Chromium-based) CVE-2023-2938 Chromium: CVE-2023-2938 Inappropriate implementation in Picture In Picture Unknown Microsoft Edge (Chromium-based) CVE-2023-2931 Chromium: CVE-2023-2931 Use after free in PDF Unknown Microsoft Edge (Chromium-based) CVE-2023-2930 Chromium: CVE-2023-2930 Use after free in Extensions Unknown Microsoft Edge (Chromium-based) CVE-2023-2929 Chromium: CVE-2023-2929 Out of bounds write in Swiftshader Unknown Microsoft Edge (Chromium-based) CVE-2023-2934 Chromium: CVE-2023-2934 Out of bounds memory access in Mojo Unknown Microsoft Edge (Chromium-based) CVE-2023-2933 Chromium: CVE-2023-2933 Use after free in PDF Unknown Microsoft Edge (Chromium-based) CVE-2023-2932 Chromium: CVE-2023-2932 Use after free in PDF Unknown Microsoft Edge (Chromium-based) CVE-2023-3079 Chromium: CVE-2023-3079 Type Confusion in V8 Unknown Microsoft Edge (Chromium-based) CVE-2023-29345 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Low Microsoft Edge (Chromium-based) CVE-2023-33143 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Moderate Microsoft Exchange Server CVE-2023-32031 Microsoft Exchange Server Remote Code Execution Vulnerability Important Microsoft Exchange Server CVE-2023-28310 Microsoft Exchange Server Remote Code Execution Vulnerability Important Microsoft Office CVE-2023-33146 Microsoft Office Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2023-33133 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2023-32029 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2023-33137 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office OneNote CVE-2023-33140 Microsoft OneNote Spoofing Vulnerability Important Microsoft Office Outlook CVE-2023-33131 Microsoft Outlook Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2023-33142 Microsoft SharePoint Server Elevation of Privilege Vulnerability Important Microsoft Office SharePoint CVE-2023-33129 Microsoft SharePoint Denial of Service Vulnerability Important Microsoft Office SharePoint CVE-2023-33130 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office SharePoint CVE-2023-33132 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office SharePoint CVE-2023-29357 Microsoft SharePoint Server Elevation of Privilege Vulnerability Critical Microsoft Power Apps CVE-2023-32024 Microsoft Power Apps Spoofing Vulnerability Important Microsoft Printer Drivers CVE-2023-32017 Microsoft PostScript Printer Driver Remote Code Execution Vulnerability Important Microsoft WDAC OLE DB provider for SQL CVE-2023-29372 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Important Microsoft Windows Codecs Library CVE-2023-29370 Windows Media Remote Code Execution Vulnerability Important Microsoft Windows Codecs Library CVE-2023-29365 Windows Media Remote Code Execution Vulnerability Important NuGet Client CVE-2023-29337 NuGet Client Remote Code Execution Vulnerability Important Remote Desktop Client CVE-2023-29362 Remote Desktop Client Remote Code Execution Vulnerability Important Remote Desktop Client CVE-2023-29352 Windows Remote Desktop Security Feature Bypass Vulnerability Important Role: DNS Server CVE-2023-32020 Windows DNS Spoofing Vulnerability Important SysInternals CVE-2023-29353 Sysinternals Process Monitor for Windows Denial of Service Vulnerability Low Visual Studio CVE-2023-29007 GitHub: CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit` Important Visual Studio CVE-2023-33139 Visual Studio Information Disclosure Vulnerability Important Visual Studio CVE-2023-25652 GitHub: CVE-2023-25652 “git apply –reject” partially-controlled arbitrary file write Important Visual Studio CVE-2023-25815 GitHub: CVE-2023-25815 Git looks for localized messages in an unprivileged place Important Visual Studio CVE-2023-27911 AutoDesk: CVE-2023-27911 Heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior Important Visual Studio CVE-2023-27910 AutoDesk: CVE-2023-27910 stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior Important Visual Studio CVE-2023-29011 GitHub: CVE-2023-29011 The config file of `connect.exe` is susceptible to malicious placing Important Visual Studio CVE-2023-29012 GitHub: CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in current directory, if it exists Important Visual Studio CVE-2023-27909 AutoDesk: CVE-2023-27909 Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK 2020 or prior Important Visual Studio Code CVE-2023-33144 Visual Studio Code Spoofing Vulnerability Important Windows Authentication Methods CVE-2023-29364 Windows Authentication Elevation of Privilege Vulnerability Important Windows Bus Filter Driver CVE-2023-32010 Windows Bus Filter Driver Elevation of Privilege Vulnerability Important Windows Cloud Files Mini Filter Driver CVE-2023-29361 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important Windows Collaborative Translation Framework CVE-2023-32009 Windows Collaborative Translation Framework Elevation of Privilege Vulnerability Important Windows Container Manager Service CVE-2023-32012 Windows Container Manager Service Elevation of Privilege Vulnerability Important Windows CryptoAPI CVE-2023-24937 Windows CryptoAPI Denial of Service Vulnerability Important Windows CryptoAPI CVE-2023-24938 Windows CryptoAPI Denial of Service Vulnerability Important Windows DHCP Server CVE-2023-29355 DHCP Server Service Information Disclosure Vulnerability Important Windows Filtering CVE-2023-29368 Windows Filtering Platform Elevation of Privilege Vulnerability Important Windows GDI CVE-2023-29358 Windows GDI Elevation of Privilege Vulnerability Important Windows Geolocation Service CVE-2023-29366 Windows Geolocation Service Remote Code Execution Vulnerability Important Windows Group Policy CVE-2023-29351 Windows Group Policy Elevation of Privilege Vulnerability Important Windows Hello CVE-2023-32018 Windows Hello Remote Code Execution Vulnerability Important Windows Hyper-V CVE-2023-32013 Windows Hyper-V Denial of Service Vulnerability Critical Windows Installer CVE-2023-32016 Windows Installer Information Disclosure Vulnerability Important Windows iSCSI CVE-2023-32011 Windows iSCSI Discovery Service Denial of Service Vulnerability Important Windows Kernel CVE-2023-32019 Windows Kernel Information Disclosure Vulnerability Important Windows NTFS CVE-2023-29346 NTFS Elevation of Privilege Vulnerability Important Windows ODBC Driver CVE-2023-29373 Microsoft ODBC Driver Remote Code Execution Vulnerability Important Windows OLE CVE-2023-29367 iSCSI Target WMI Provider Remote Code Execution Vulnerability Important Windows PGM CVE-2023-29363 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Critical Windows PGM CVE-2023-32014 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Critical Windows PGM CVE-2023-32015 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Critical Windows Remote Procedure Call Runtime CVE-2023-29369 Remote Procedure Call Runtime Denial of Service Vulnerability Important Windows Resilient File System (ReFS) CVE-2023-32008 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability Important Windows Server Service CVE-2023-32022 Windows Server Service Security Feature Bypass Vulnerability Important Windows SMB CVE-2023-32021 Windows SMB Witness Service Security Feature Bypass Vulnerability Important Windows TPM Device Driver CVE-2023-29360 Windows TPM Device Driver Elevation of Privilege Vulnerability Important Windows Win32K CVE-2023-29371 Windows GDI Elevation of Privilege Vulnerability Important Windows Win32K CVE-2023-29359 GDI Elevation of Privilege Vulnerability Important Source link