CVE-2022-34714 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-34714
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows Secure Socket Tunneling Protocol (SSTP). Este ID de CVE es diferente de CVE-2022-34702, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34714 •
CVE-2022-34710 – Windows Defender Credential Guard Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-34710
Windows Defender Credential Guard Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows Defender Credential Guard. Este ID de CVE es diferente de CVE-2022-34704, CVE-2022-34712 Windows CG APIs, which take encrypted keys, do not limit what encryption or checksum types can be used with those keys. This can result in using weak encryption algorithms which could be abused to either generate keystreams or brute force encryption keys. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34710 •
CVE-2022-34709 – Windows Defender Credential Guard Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-34709
Windows Defender Credential Guard Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Funcionalidad de Seguridad de Windows Defender Credential Guard On Windows, a number of Kerberos CG APIs do not verify the ASN1 PDU type when decoding and encoding Kerberos ASN1 structures leading to type confusion and elevation of privilege. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34709 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2022-34708 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-34708
Windows Kernel Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows Kernel. Este ID de CVE es diferente de CVE-2022-30197 The Windows kernel suffers from an invalid read/write condition due to an unchecked Blink cell index in the root security descriptor. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34708 •
CVE-2022-34707 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-34707
Windows Kernel Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-35761, CVE-2022-35768 The Windows kernel suffers from a use-after-free vulnerability due to a refcount overflow in the registry hive security descriptors. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34707 • CWE-416: Use After Free •