CVE-2022-38044 – Windows CD-ROM File System Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-38044
Windows CD-ROM File System Driver Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows CD-ROM File System Driver This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ISO files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the kernel. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38044 •
CVE-2022-38022 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38022
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38022 •
CVE-2022-38016 – Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38016
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Windows Local Security Authority (LSA) • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38016 •
CVE-2022-24504 – Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24504
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows Point-to-Point Tunneling Protocol. Este ID de CVE es diferente de CVE-2022-22035, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24504 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2022-38039 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38039
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38039 •