CVSS: 7.8EPSS: 6%CPEs: 14EXPL: 0CVE-2024-26190 – Microsoft QUIC Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-26190
12 Mar 2024 — Microsoft QUIC Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de Microsoft QUIC • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.4EPSS: 0%CPEs: 17EXPL: 2CVE-2023-44216
https://notcve.org/view.php?id=CVE-2023-44216
26 Sep 2023 — PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin. PVRIC (PowerVR Image Compression) en Imagination 2018 y dispositivos GPU posteriores ofrece compresión tr... • https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack • CWE-203: Observable Discrepancy •
CVSS: 5.6EPSS: 0%CPEs: 301EXPL: 1CVE-2023-20569 – amd: Return Address Predictor vulnerability leading to information disclosure
https://notcve.org/view.php?id=CVE-2023-20569
08 Aug 2023 — A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. Una vulnerabilidad de canal lateral en algunas de las CPU de AMD puede permitir que un atacante influya en la predicción de la dirección de retorno. Esto puede dar lugar a una ejecución especulativa en una dirección controlada por el atacante, lo que podría conducir a l... • http://www.openwall.com/lists/oss-security/2023/08/08/4 • CWE-203: Observable Discrepancy •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-34367
https://notcve.org/view.php?id=CVE-2023-34367
14 Jun 2023 — Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implementation of TCP/IP, which is vulnerable to the Idle scan attack (including many IoT devices). NOTE: The vendor considers this a low severity issue. • http://blog.pi3.com.pl/?p=850 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 3%CPEs: 27EXPL: 0CVE-2022-35759 – Windows Local Security Authority (LSA) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-35759
31 May 2023 — Windows Local Security Authority (LSA) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35759 •
CVSS: 5.5EPSS: 0%CPEs: 27EXPL: 0CVE-2022-35758 – Windows Kernel Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-35758
31 May 2023 — Windows Kernel Memory Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35758 •
CVSS: 6.7EPSS: 0%CPEs: 24EXPL: 0CVE-2022-35754 – Unified Write Filter Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-35754
31 May 2023 — Unified Write Filter Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35754 •
CVSS: 8.1EPSS: 2%CPEs: 27EXPL: 0CVE-2022-35753 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35753
31 May 2023 — Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35753 •
CVSS: 8.1EPSS: 2%CPEs: 27EXPL: 0CVE-2022-35752 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35752
31 May 2023 — Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35752 •
CVSS: 5.9EPSS: 0%CPEs: 20EXPL: 0CVE-2022-35747 – Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-35747
31 May 2023 — Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35747 •