CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-37987 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37987
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Client Server Run-time Subsystem (CSRSS). Este ID de CVE es diferente de CVE-2022-37989 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CSRSS.exe process. By performing a DOS device redirection, an attacker can alter a path used for searching for dependencies. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37987 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-37995 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37995
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37995 •
CVSS: 8.1EPSS: 0%CPEs: 33EXPL: 0CVE-2022-22035 – Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22035
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows Point-to-Point Tunneling Protocol. Este ID de CVE es diferente de CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22035 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-37991 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37991
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039 The Windows kernel suffers from out-of-bounds reads and other issues when operating on long registry key and value names. • http://packetstormsecurity.com/files/169807/Windows-Kernel-Long-Registry-Key-Value-Out-Of-Bounds-Read.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37991 •
CVSS: 7.3EPSS: 0%CPEs: 19EXPL: 0CVE-2022-38011 – Raw Image Extension Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-38011
Raw Image Extension Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Raw Image Extension • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38011 •