CVE-2022-30198 – Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-30198
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows Point-to-Point Tunneling Protocol. Este ID de CVE es diferente de CVE-2022-22035, CVE-2022-24504, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30198 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2022-37989 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37989
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Client Server Run-time Subsystem (CSRSS). Este ID de CVE es diferente de CVE-2022-37987 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CSRSS.exe process. By sending a crafted message to CSRSS, an attacker can cause an arbitrary DLL to be loaded. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37989 •
CVE-2022-38051 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38051
Windows Graphics Component Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Graphics Component. Este ID de CVE es diferente de CVE-2022-37997 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38051 •
CVE-2022-38037 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38037
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38038, CVE-2022-38039 The Windows Kernel suffers from a memory corruption vulnerability due to type confusion of subkey index leaves in registry hives. • http://packetstormsecurity.com/files/169791/Windows-Kernel-Type-Confusion-Memory-Corruption.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38037 •
CVE-2022-37987 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37987
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Client Server Run-time Subsystem (CSRSS). Este ID de CVE es diferente de CVE-2022-37989 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CSRSS.exe process. By performing a DOS device redirection, an attacker can alter a path used for searching for dependencies. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37987 •