CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2022-41628
https://notcve.org/view.php?id=CVE-2022-41628
10 May 2023 — Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2022-41687
https://notcve.org/view.php?id=CVE-2022-41687
10 May 2023 — Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html • CWE-276: Incorrect Default Permissions CWE-277: Insecure Inherited Permissions •
CVSS: 5.0EPSS: 0%CPEs: 71EXPL: 0CVE-2023-21722 – .NET Framework Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21722
14 Feb 2023 — .NET Framework Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21722 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.1EPSS: 14%CPEs: 13EXPL: 1CVE-2021-43890 – Microsoft Windows AppX Installer Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-43890
15 Dec 2021 — We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader. An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user... • https://github.com/ChrisTitusTech/winutil/pull/26 •
CVSS: 9.3EPSS: 58%CPEs: 19EXPL: 4CVE-2020-0787 – Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
https://notcve.org/view.php?id=CVE-2020-0787
12 Mar 2020 — An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. Existe una vulnerabilidad de elevación de privilegios cuando el Windows Background Intelligent Transfer Service (BITS) maneja inapropiadamente los enlaces simbólicos, también se conoce como "Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerabilit... • https://packetstorm.news/files/id/158056 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •