CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-37987 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37987
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Client Server Run-time Subsystem (CSRSS). Este ID de CVE es diferente de CVE-2022-37989 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CSRSS.exe process. By performing a DOS device redirection, an attacker can alter a path used for searching for dependencies. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37987 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-37995 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37995
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37995 •
CVSS: 8.1EPSS: 0%CPEs: 33EXPL: 0CVE-2022-22035 – Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22035
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows Point-to-Point Tunneling Protocol. Este ID de CVE es diferente de CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22035 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.7EPSS: 0%CPEs: 14EXPL: 0CVE-2022-37973 – Windows Local Session Manager (LSM) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-37973
Windows Local Session Manager (LSM) Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio en Windows Local Session Manager (LSM). Este ID de CVE es diferente de CVE-2022-37998 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37973 •
CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0CVE-2022-37998 – Windows Local Session Manager (LSM) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-37998
Windows Local Session Manager (LSM) Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio en el administrador de sesión local de Windows (LSM). Este ID de CVE es diferente de CVE-2022-37973 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37998 •