Microsoft June 2023 Patch Tuesday fixes 78 flaws, 38 RCE bugs

TagCVE IDCVE TitleSeverity.NET and Visual StudioCVE-2023-24895.NET, .NET Framework, and Visual Studio Remote Code Execution VulnerabilityImportant.NET and Visual StudioCVE-2023-33126.NET and Visual Studio Remote Code Execution VulnerabilityImportant.NET and Visual StudioCVE-2023-24936.NET, .NET Framework, and Visual Studio Elevation of Privilege VulnerabilityModerate.NET and Visual StudioCVE-2023-33135.NET and Visual Studio Elevation of Privilege VulnerabilityImportant.NET and Visual StudioCVE-2023-32032.NET and Visual Studio Elevation of Privilege VulnerabilityImportant.NET and Visual StudioCVE-2023-32030.NET and Visual Studio Denial of Service VulnerabilityImportant.NET and Visual StudioCVE-2023-33128.NET and Visual Studio Remote Code Execution VulnerabilityImportant.NET and Visual StudioCVE-2023-24897.NET, .NET Framework, and Visual Studio Remote Code Execution VulnerabilityCritical.NET CoreCVE-2023-29331.NET, .NET Framework, and Visual Studio Denial of Service VulnerabilityImportant.NET FrameworkCVE-2023-29326.NET Framework Remote Code Execution VulnerabilityImportantASP .NETCVE-2023-33141Yet Another Reverse Proxy (YARP) Denial of Service VulnerabilityImportantAzure DevOpsCVE-2023-21569Azure DevOps Server Spoofing VulnerabilityImportantAzure DevOpsCVE-2023-21565Azure DevOps Server Spoofing VulnerabilityImportantMicrosoft DynamicsCVE-2023-24896Dynamics 365 Finance Spoofing VulnerabilityImportantMicrosoft Edge (Chromium-based)CVE-2023-2941Chromium: CVE-2023-2941 Inappropriate implementation in Extensions APIUnknownMicrosoft Edge (Chromium-based)CVE-2023-33145Microsoft Edge (Chromium-based) Information Disclosure VulnerabilityImportantMicrosoft Edge (Chromium-based)CVE-2023-2937Chromium: CVE-2023-2937 Inappropriate implementation in Picture In PictureUnknownMicrosoft Edge (Chromium-based)CVE-2023-2936Chromium: CVE-2023-2936 Type Confusion in V8UnknownMicrosoft Edge (Chromium-based)CVE-2023-2935Chromium: CVE-2023-2935 Type Confusion in V8UnknownMicrosoft Edge (Chromium-based)CVE-2023-2940Chromium: CVE-2023-2940 Inappropriate implementation in DownloadsUnknownMicrosoft Edge (Chromium-based)CVE-2023-2939Chromium: CVE-2023-2939 Insufficient data validation in InstallerUnknownMicrosoft Edge (Chromium-based)CVE-2023-2938Chromium: CVE-2023-2938 Inappropriate implementation in Picture In PictureUnknownMicrosoft Edge (Chromium-based)CVE-2023-2931Chromium: CVE-2023-2931 Use after free in PDFUnknownMicrosoft Edge (Chromium-based)CVE-2023-2930Chromium: CVE-2023-2930 Use after free in ExtensionsUnknownMicrosoft Edge (Chromium-based)CVE-2023-2929Chromium: CVE-2023-2929 Out of bounds write in SwiftshaderUnknownMicrosoft Edge (Chromium-based)CVE-2023-2934Chromium: CVE-2023-2934 Out of bounds memory access in MojoUnknownMicrosoft Edge (Chromium-based)CVE-2023-2933Chromium: CVE-2023-2933 Use after free in PDFUnknownMicrosoft Edge (Chromium-based)CVE-2023-2932Chromium: CVE-2023-2932 Use after free in PDFUnknownMicrosoft Edge (Chromium-based)CVE-2023-3079Chromium: CVE-2023-3079 Type Confusion in V8UnknownMicrosoft Edge (Chromium-based)CVE-2023-29345Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilityLowMicrosoft Edge (Chromium-based)CVE-2023-33143Microsoft Edge (Chromium-based) Elevation of Privilege VulnerabilityModerateMicrosoft Exchange ServerCVE-2023-32031Microsoft Exchange Server Remote Code Execution VulnerabilityImportantMicrosoft Exchange ServerCVE-2023-28310Microsoft Exchange Server Remote Code Execution VulnerabilityImportantMicrosoft OfficeCVE-2023-33146Microsoft Office Remote Code Execution VulnerabilityImportantMicrosoft Office ExcelCVE-2023-33133Microsoft Excel Remote Code Execution VulnerabilityImportantMicrosoft Office ExcelCVE-2023-32029Microsoft Excel Remote Code Execution VulnerabilityImportantMicrosoft Office ExcelCVE-2023-33137Microsoft Excel Remote Code Execution VulnerabilityImportantMicrosoft Office OneNoteCVE-2023-33140Microsoft OneNote Spoofing VulnerabilityImportantMicrosoft Office OutlookCVE-2023-33131Microsoft Outlook Remote Code Execution VulnerabilityImportantMicrosoft Office SharePointCVE-2023-33142Microsoft SharePoint Server Elevation of Privilege VulnerabilityImportantMicrosoft Office SharePointCVE-2023-33129Microsoft SharePoint Denial of Service VulnerabilityImportantMicrosoft Office SharePointCVE-2023-33130Microsoft SharePoint Server Spoofing VulnerabilityImportantMicrosoft Office SharePointCVE-2023-33132Microsoft SharePoint Server Spoofing VulnerabilityImportantMicrosoft Office SharePointCVE-2023-29357Microsoft SharePoint Server Elevation of Privilege VulnerabilityCriticalMicrosoft Power AppsCVE-2023-32024Microsoft Power Apps Spoofing VulnerabilityImportantMicrosoft Printer DriversCVE-2023-32017Microsoft PostScript Printer Driver Remote Code Execution VulnerabilityImportantMicrosoft WDAC OLE DB provider for SQLCVE-2023-29372Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportantMicrosoft Windows Codecs LibraryCVE-2023-29370Windows Media Remote Code Execution VulnerabilityImportantMicrosoft Windows Codecs LibraryCVE-2023-29365Windows Media Remote Code Execution VulnerabilityImportantNuGet ClientCVE-2023-29337NuGet Client Remote Code Execution VulnerabilityImportantRemote Desktop ClientCVE-2023-29362Remote Desktop Client Remote Code Execution VulnerabilityImportantRemote Desktop ClientCVE-2023-29352Windows Remote Desktop Security Feature Bypass VulnerabilityImportantRole: DNS ServerCVE-2023-32020Windows DNS Spoofing VulnerabilityImportantSysInternalsCVE-2023-29353Sysinternals Process Monitor for Windows Denial of Service VulnerabilityLowVisual StudioCVE-2023-29007GitHub: CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit`ImportantVisual StudioCVE-2023-33139Visual Studio Information Disclosure VulnerabilityImportantVisual StudioCVE-2023-25652GitHub: CVE-2023-25652 “git apply –reject” partially-controlled arbitrary file writeImportantVisual StudioCVE-2023-25815GitHub: CVE-2023-25815 Git looks for localized messages in an unprivileged placeImportantVisual StudioCVE-2023-27911AutoDesk: CVE-2023-27911 Heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or priorImportantVisual StudioCVE-2023-27910AutoDesk: CVE-2023-27910 stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or priorImportantVisual StudioCVE-2023-29011GitHub: CVE-2023-29011 The config file of `connect.exe` is susceptible to malicious placingImportantVisual StudioCVE-2023-29012GitHub: CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in current directory, if it existsImportantVisual StudioCVE-2023-27909AutoDesk: CVE-2023-27909 Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK 2020 or priorImportantVisual Studio CodeCVE-2023-33144Visual Studio Code Spoofing VulnerabilityImportantWindows Authentication MethodsCVE-2023-29364Windows Authentication Elevation of Privilege VulnerabilityImportantWindows Bus Filter DriverCVE-2023-32010Windows Bus Filter Driver Elevation of Privilege VulnerabilityImportantWindows Cloud Files Mini Filter DriverCVE-2023-29361Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityImportantWindows Collaborative Translation FrameworkCVE-2023-32009Windows Collaborative Translation Framework Elevation of Privilege VulnerabilityImportantWindows Container Manager ServiceCVE-2023-32012Windows Container Manager Service Elevation of Privilege VulnerabilityImportantWindows CryptoAPICVE-2023-24937Windows CryptoAPI Denial of Service VulnerabilityImportantWindows CryptoAPICVE-2023-24938Windows CryptoAPI Denial of Service VulnerabilityImportantWindows DHCP ServerCVE-2023-29355DHCP Server Service Information Disclosure VulnerabilityImportantWindows FilteringCVE-2023-29368Windows Filtering Platform Elevation of Privilege VulnerabilityImportantWindows GDICVE-2023-29358Windows GDI Elevation of Privilege VulnerabilityImportantWindows Geolocation ServiceCVE-2023-29366Windows Geolocation Service Remote Code Execution VulnerabilityImportantWindows Group PolicyCVE-2023-29351Windows Group Policy Elevation of Privilege VulnerabilityImportantWindows HelloCVE-2023-32018Windows Hello Remote Code Execution VulnerabilityImportantWindows Hyper-VCVE-2023-32013Windows Hyper-V Denial of Service VulnerabilityCriticalWindows InstallerCVE-2023-32016Windows Installer Information Disclosure VulnerabilityImportantWindows iSCSICVE-2023-32011Windows iSCSI Discovery Service Denial of Service VulnerabilityImportantWindows KernelCVE-2023-32019Windows Kernel Information Disclosure VulnerabilityImportantWindows NTFSCVE-2023-29346NTFS Elevation of Privilege VulnerabilityImportantWindows ODBC DriverCVE-2023-29373Microsoft ODBC Driver Remote Code Execution VulnerabilityImportantWindows OLECVE-2023-29367iSCSI Target WMI Provider Remote Code Execution VulnerabilityImportantWindows PGMCVE-2023-29363Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityCriticalWindows PGMCVE-2023-32014Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityCriticalWindows PGMCVE-2023-32015Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityCriticalWindows Remote Procedure Call RuntimeCVE-2023-29369Remote Procedure Call Runtime Denial of Service VulnerabilityImportantWindows Resilient File System (ReFS)CVE-2023-32008Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityImportantWindows Server ServiceCVE-2023-32022Windows Server Service Security Feature Bypass VulnerabilityImportantWindows SMBCVE-2023-32021Windows SMB Witness Service Security Feature Bypass VulnerabilityImportantWindows TPM Device DriverCVE-2023-29360Windows TPM Device Driver Elevation of Privilege VulnerabilityImportantWindows Win32KCVE-2023-29371Windows GDI Elevation of Privilege VulnerabilityImportantWindows Win32KCVE-2023-29359GDI Elevation of Privilege VulnerabilityImportant