CVSS: 7.3EPSS: 4%CPEs: 3EXPL: 3CVE-2022-38604
https://notcve.org/view.php?id=CVE-2022-38604
11 Apr 2023 — Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion vulnerability. • https://github.com/LucaBarile/CVE-2022-38604 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 16%CPEs: 11EXPL: 1CVE-2023-23388 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-23388
14 Mar 2023 — Windows Bluetooth Driver Elevation of Privilege Vulnerability • https://github.com/ynwarcs/CVE-2023-23388 • CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0400
https://notcve.org/view.php?id=CVE-2023-0400
01 Feb 2023 — The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. ... Loading from a local driver was correctly prevented. • https://github.com/pinpinsec/CVE-2023-0400 • CWE-427: Uncontrolled Search Path Element CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 4CVE-2022-47632 – Razer Synapse Race Condition / DLL Hijacking
https://notcve.org/view.php?id=CVE-2022-47632
27 Jan 2023 — As a result, local Windows users can abuse the Razer driver installer to obtain administrative privileges on Windows. ... As a result, local Windows users can abuse the Razer driver installer to obtain administrative privileges on Windows. • https://packetstorm.news/files/id/174696 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 73%CPEs: 5EXPL: 15CVE-2023-21768 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21768
10 Jan 2023 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Controlador de función auxiliar de Windows para la vulnerabilidad de elevación de privilegios de WinSock • https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.0EPSS: 0%CPEs: 17EXPL: 1CVE-2023-21739 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21739
10 Jan 2023 — Windows Bluetooth Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador Bluetooth de Windows • https://github.com/gmh5225/CVE-2023-21739 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-34683
https://notcve.org/view.php?id=CVE-2022-34683
30 Dec 2022 — NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a null-pointer dereference occurs, which may lead to denial of service. NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en el controlador de la capa del modo kernel (nvlddmkm.sys) para DxgkDdiEscape, donde se produce una desreferencia de puntero nulo, lo que puede provocar una Denegación de Servicio (DoS). • https://github.com/gmh5225/CVE-2022-34683 • CWE-476: NULL Pointer Dereference •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 1CVE-2022-41114 – Windows Bind Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41114
09 Nov 2022 — Windows Bind Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Windows Bind Filter Driver • https://github.com/gmh5225/CVE-2022-41114 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 1CVE-2021-42205
https://notcve.org/view.php?id=CVE-2021-42205
07 Nov 2022 — ELAN Miniport touchpad Windows driver before 24.21.51.2, as used in PC hardware from multiple manufacturers, allows local users to cause a system crash by sending a certain IOCTL request, because that request is handled twice. El controlador de Windows del panel táctil ELAN Miniport anterior a 24.21.51.2, tal como se usa en hardware de PC de varios fabricantes, permite a los usuarios locales provocar una falla del sistema enviando una determinada solicitud IOCTL, porque esa solicitud se... • https://github.com/gmh5225/CVE-2021-42205 • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 4CVE-2020-36603
https://notcve.org/view.php?id=CVE-2020-36603
14 Sep 2022 — The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be installed by a user with administrative privileges. El controlador anti trampas HoYoVerse (anteriormente miHoYo) Genshin Impact mhyprot2.sys versión 1.0.0.0, no restringe apropiadamente las llama... • https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html • CWE-269: Improper Privilege Management •