CVSS: 8.8EPSS: 0%CPEs: 32EXPL: 1CVE-2022-22026 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-22026
12 Jul 2022 — Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows CSRSS. Este ID de CVE es diferente de CVE-2022-22047, CVE-2022-22049 A heap buffer overflow issue exists in Windows 11 and earlier versions. A malicious application may be able to execute arbitrary code with SYSTEM privileges. • https://packetstorm.news/files/id/168068 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2022-22024 – Windows Fax Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22024
12 Jul 2022 — Windows Fax Service Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota en Windows Fax Service. Este ID de CVE es diferente de CVE-2022-22027 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22024 •
CVSS: 6.9EPSS: 0%CPEs: 29EXPL: 0CVE-2022-22023 – Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-22023
12 Jul 2022 — Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de la Funcionalidad de Seguridad del Servicio de Enumerador de Dispositivos Portátiles de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22023 •
CVSS: 7.1EPSS: 0%CPEs: 29EXPL: 0CVE-2022-22022 – Windows Print Spooler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-22022
12 Jul 2022 — Windows Print Spooler Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Print Spooler. Este ID de CVE es diferente de CVE-2022-22041, CVE-2022-30206, CVE-2022-30226 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22022 •
CVSS: 4.7EPSS: 0%CPEs: 29EXPL: 0CVE-2022-21845 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-21845
12 Jul 2022 — Windows Kernel Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información de Windows Kernel • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21845 •
CVSS: 8.8EPSS: 3%CPEs: 32EXPL: 0CVE-2022-22034 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-22034
12 Jul 2022 — Windows Graphics Component Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Graphics Component This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. The issue results from the lack of validating the existence of an obj... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22034 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 4%CPEs: 20EXPL: 1CVE-2022-30166 – Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-30166
15 Jun 2022 — Local Security Authority Subsystem Service Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Local Security Authority Subsystem Service On Microsoft Windows, the LsapGetClientInfo API in LSASRV will fallback and directly capture a caller's impersonation token if it fails to impersonate, leading to elevation of privilege if the impersonation level is not checked. • https://packetstorm.news/files/id/167754 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 1CVE-2022-30164 – Kerberos AppContainer Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-30164
15 Jun 2022 — Kerberos AppContainer Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de Funciones de Seguridad de Kerberos AppContainer On Windows 11, the Kerberos SSP's KerbRetrieveEncodedTicketMessage message can be used to get an arbitrary service ticket and session key from an AppContainer even without the enterprise authentication capability leading to elevation of privilege. • https://packetstorm.news/files/id/167716 •
CVSS: 8.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-30163 – Windows Hyper-V Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-30163
15 Jun 2022 — Windows Hyper-V Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota en Windows Hyper-V • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30163 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 2%CPEs: 20EXPL: 0CVE-2022-30161 – Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-30161
15 Jun 2022 — Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota en Windows Lightweight Directory Access Protocol (LDAP). Este ID de CVE es diferente de CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30161 •