Total
3521 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-34705 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 7.8 HIGH |
Windows Defender Credential Guard Elevation of Privilege Vulnerability | |||||
CVE-2022-34704 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 4.7 MEDIUM |
Windows Defender Credential Guard Information Disclosure Vulnerability | |||||
CVE-2022-34703 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 7.8 HIGH |
Windows Partition Management Driver Elevation of Privilege Vulnerability | |||||
CVE-2022-34702 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.1 HIGH |
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | |||||
CVE-2022-34701 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability | |||||
CVE-2022-34699 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 7.8 HIGH |
Windows Win32k Elevation of Privilege Vulnerability | |||||
CVE-2022-34696 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2024-11-21 | N/A | 7.8 HIGH |
Windows Hyper-V Remote Code Execution Vulnerability | |||||
CVE-2022-34691 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.8 HIGH |
Active Directory Domain Services Elevation of Privilege Vulnerability | |||||
CVE-2022-34690 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.1 HIGH |
Windows Fax Service Elevation of Privilege Vulnerability | |||||
CVE-2022-34689 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
Windows CryptoAPI Spoofing Vulnerability | |||||
CVE-2022-34303 | 3 Eurosoft-uk, Microsoft, Redhat | 10 Uefi Bootloader, Windows 10, Windows 11 and 7 more | 2024-11-21 | N/A | 6.7 MEDIUM |
A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | |||||
CVE-2022-34302 | 3 Horizondatasys, Microsoft, Redhat | 10 Uefi Bootloader, Windows 10, Windows 11 and 7 more | 2024-11-21 | N/A | 6.7 MEDIUM |
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | |||||
CVE-2022-34301 | 3 Kidan, Microsoft, Redhat | 10 Cryptopro Securedisk For Bitlocker, Windows 10, Windows 11 and 7 more | 2024-11-21 | N/A | 6.7 MEDIUM |
A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | |||||
CVE-2022-33679 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 8.1 HIGH |
Windows Kerberos Elevation of Privilege Vulnerability | |||||
CVE-2022-33670 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2024-11-21 | N/A | 7.8 HIGH |
Windows Partition Management Driver Elevation of Privilege Vulnerability | |||||
CVE-2022-33647 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 8.1 HIGH |
Windows Kerberos Elevation of Privilege Vulnerability | |||||
CVE-2022-33645 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
Windows TCP/IP Driver Denial of Service Vulnerability | |||||
CVE-2022-33635 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
Windows GDI+ Remote Code Execution Vulnerability | |||||
CVE-2022-33634 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.1 HIGH |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
CVE-2022-32230 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2019 | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. |