CVE-2022-41092 – Windows Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41092
Windows Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Win32k This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Output Protection Manager. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41092 •
CVE-2022-41097 – Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-41097
Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del protocolo RADIUS del servidor de políticas de red (NPS) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41097 •
CVE-2022-41098 – Windows GDI+ Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-41098
Windows GDI+ Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Windows GDI+ • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41098 •
CVE-2022-41099 – BitLocker Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-41099
BitLocker Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad de BitLocker • https://github.com/halsey51013/UpdateWindowsRE-CVE-2022-41099 https://github.com/o0MattE0o/CVE-2022-41099-Fix https://github.com/dsn1321/KB5025175-CVE-2022-41099 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41099 •
CVE-2022-38040 – Microsoft ODBC Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-38040
Microsoft ODBC Driver Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft ODBC Driver • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38040 •