CVSS: 8.1EPSS: 0%CPEs: 19EXPL: 0CVE-2022-44676 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-44676
13 Dec 2022 — Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Windows Secure Socket Tunneling Protocol (SSTP) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44676 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2022-44697 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-44697
13 Dec 2022 — Windows Graphics Component Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Graphics Component This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from dereferencing a NULL pointer. An ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44697 •
CVSS: 7.8EPSS: 62%CPEs: 19EXPL: 1CVE-2022-44666 – Windows Contacts Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-44666
13 Dec 2022 — Windows Contacts Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Windows Contacts This advisory ties together older research on a contact file handling flaw on Microsoft Windows as well as recent research discovered that uses the same methodologies. • https://github.com/j00sean/CVE-2022-44666 •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-44678 – Windows Print Spooler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-44678
13 Dec 2022 — Windows Print Spooler Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Print Spooler • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44678 •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-44681 – Windows Print Spooler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-44681
13 Dec 2022 — Windows Print Spooler Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Print Spooler • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44681 •
CVSS: 7.8EPSS: 14%CPEs: 25EXPL: 1CVE-2022-35756 – Windows Kerberos Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-35756
08 Dec 2022 — Windows Kerberos Elevation of Privilege Vulnerability The HTTP server implemented in HTTP.SYS on Windows handles authentication in a system thread which bypasses PAC verification leading to escalation of privilege. • https://packetstorm.news/files/id/170128 •
CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-37966 – Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37966
09 Nov 2022 — Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Kerberos RC4-HMAC de Windows Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966 •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2022-37992 – Windows Group Policy Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37992
09 Nov 2022 — Windows Group Policy Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en la política de grupo de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37992 •
CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-38023 – Netlogon RPC Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38023
09 Nov 2022 — Netlogon RPC Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Netlogon RPC A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between the samba client and server to craft data with the same MD5 calculation and replace it without being detec... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023 • CWE-328: Use of Weak Hash •
CVSS: 8.1EPSS: 0%CPEs: 20EXPL: 0CVE-2022-41039 – Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41039
09 Nov 2022 — Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del Windows Point-to-Point Tunneling Protocol • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41039 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •