CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2022-38043 – Windows Security Support Provider Interface Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-38043
Windows Security Support Provider Interface Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Windows Security Support Provider Interface • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38043 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-38044 – Windows CD-ROM File System Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-38044
Windows CD-ROM File System Driver Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows CD-ROM File System Driver This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ISO files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the kernel. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38044 •
CVSS: 8.1EPSS: 0%CPEs: 20EXPL: 0CVE-2022-38047 – Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-38047
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows Point-to-Point Tunneling Protocol. Este ID de CVE es diferente de CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-41081 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38047 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 33EXPL: 0CVE-2022-35770 – Windows NTLM Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2022-35770
Windows NTLM Spoofing Vulnerability Una Vulnerabilidad de Suplantación en Windows NTLM • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35770 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-37995 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37995
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37995 •