NVD disclosure day

Published threat advisories for September 12, 2023

CVE advisory | Known Exploit

CVE-2023-36802

Microsoft Streaming Service Privilege Escalation Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A privilege escalation vulnerability in the Microsoft Streaming Service Proxy impacts Microsoft Windows systems. This flaw allows an attacker with local access to gain elevated privileges, potentially leading to unauthorized system control and data modification. The vulnerability is listed as a known exploited vulnerab

• CISA KEV

CVE advisory | Known Exploit

CVE-2023-36761

Microsoft Word Information Disclosure Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

Microsoft Word applications are affected by an information disclosure vulnerability. This impacts organizations by potentially exposing sensitive data, increasing the risk of data breaches and unauthorized access to confidential business information. Organizations should consult Microsoft's guidance for mitigation step

• CISA KEV

CVE advisory | Known Exploit

CVE-2023-4863

Google Chrome WebP Vulnerability: Remote Code Execution Risk

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A heap buffer overflow in the libwebp library can allow attackers to write data outside of allocated memory via a crafted HTML page. This impacts organizations using affected browsers or image viewers, posing a risk to data integrity and system operation.

• CISA KEV

CVE advisory | Known Exploit

CVE-2023-41990

Apple Operating Systems Font Processing Code Execution Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Apple operating systems allows for arbitrary code execution when processing a font file. This could impact affected systems and data. Organizations should identify all affected devices and apply vendor-provided security updates.

• CISA KEV