CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2022-41628
https://notcve.org/view.php?id=CVE-2022-41628
10 May 2023 — Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2022-41687
https://notcve.org/view.php?id=CVE-2022-41687
10 May 2023 — Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html • CWE-276: Incorrect Default Permissions CWE-277: Insecure Inherited Permissions •
CVSS: 7.8EPSS: 1%CPEs: 96EXPL: 0CVE-2023-21808 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21808
14 Feb 2023 — .NET and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808 • CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 71EXPL: 0CVE-2023-21722 – .NET Framework Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21722
14 Feb 2023 — .NET Framework Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21722 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-38396
https://notcve.org/view.php?id=CVE-2022-38396
03 Feb 2023 — HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 on October 31, 2021. • https://support.hp.com/ie-en/document/ish_7620368-7620413-16 •
CVSS: 7.1EPSS: 14%CPEs: 13EXPL: 1CVE-2021-43890 – Microsoft Windows AppX Installer Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-43890
15 Dec 2021 — We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader. An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user... • https://github.com/ChrisTitusTech/winutil/pull/26 •
CVSS: 9.3EPSS: 58%CPEs: 19EXPL: 4CVE-2020-0787 – Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
https://notcve.org/view.php?id=CVE-2020-0787
12 Mar 2020 — An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. Existe una vulnerabilidad de elevación de privilegios cuando el Windows Background Intelligent Transfer Service (BITS) maneja inapropiadamente los enlaces simbólicos, también se conoce como "Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerabilit... • https://packetstorm.news/files/id/158056 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 85%CPEs: 6EXPL: 15CVE-2019-0841 – Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-0841
09 Apr 2019 — An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. Existe una elevación de la vulnerabilidad de privilegios cuando el Servicio de implementación de Windows AppX (AppXSVC) maneja incorrectamente los enlaces físicos, también conocida como "Vulnerabilidad de Elevación Privilegios de Win... • https://packetstorm.news/files/id/153215 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 8%CPEs: 10EXPL: 0CVE-2019-0810 – Microsoft Chakra Object Reoptimization Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0810
09 Apr 2019 — A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. Existe una vulnerabilidad de ejecución remota de código en la forma en que el motor de scripting Chakra maneja los objetos en memoria en Microsoft Edge, también conocido como 'Vulnerabilidad de Corrupción de Memor... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810 • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 83%CPEs: 17EXPL: 7CVE-2018-8453 – Microsoft Win32k Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-8453
10 Oct 2018 — An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. Existe una vulnerabilidad de elevación de privilegios en Windows cuando el componente Win32k no gestiona adecuadamen... • https://packetstorm.news/files/id/153669 •