CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2022-37983 – Microsoft DWM Core Library Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37983
Microsoft DWM Core Library Elevation of Privilege Vulnerability Vulnerabilidad en la elevación de privilegios de Microsoft DWM Core Library • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37983 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-37987 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37987
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Client Server Run-time Subsystem (CSRSS). Este ID de CVE es diferente de CVE-2022-37989 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CSRSS.exe process. By performing a DOS device redirection, an attacker can alter a path used for searching for dependencies. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37987 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-37995 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37995
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37995 •
CVSS: 8.1EPSS: 0%CPEs: 33EXPL: 0CVE-2022-22035 – Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22035
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows Point-to-Point Tunneling Protocol. Este ID de CVE es diferente de CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22035 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.7EPSS: 0%CPEs: 14EXPL: 0CVE-2022-37973 – Windows Local Session Manager (LSM) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-37973
Windows Local Session Manager (LSM) Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio en Windows Local Session Manager (LSM). Este ID de CVE es diferente de CVE-2022-37998 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37973 •