CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-34711 – Windows Defender Credential Guard Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-34711
Windows Defender Credential Guard Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Windows Defender Credential Guard. Este ID de CVE es diferente de CVE-2022-34705, CVE-2022-35771. On Windows, CG API KerbIumCreateApReqAuthenticator can be used to decrypt arbitrary encrypted Kerberos keys leading to information disclosure. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34711 •
CVSS: 8.8EPSS: 0%CPEs: 30EXPL: 0CVE-2022-35820 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-35820
Windows Bluetooth Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios de Windows Bluetooth Driver This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the bthport.sys driver. The issue results from improper authorization logic when accessing registry keys. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35820 •
CVSS: 6.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-35797 – Windows Hello Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-35797
Windows Hello Security Feature Bypass Vulnerability Vulnerabilidad de Omisión de la Funcionalidad de Seguridad de Windows Hello • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35797 •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2022-35795 – Windows Error Reporting Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-35795
Windows Error Reporting Service Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Error Reporting Service • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35795 •
CVSS: 8.1EPSS: 0%CPEs: 17EXPL: 0CVE-2022-35794 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35794
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows Secure Socket Tunneling Protocol (SSTP). Este ID de CVE es diferente de CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35794 •