Patch Tuesday - September 2022

2022-09-13T20:11:08

Description

![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/patches-2.jpg) This month’s [Patch Tuesday](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep>) is on the lighter side, with 79 CVEs being fixed by Microsoft (including 16 CVEs affecting Chromium, used by their Edge browser, that were already available). One zero-day was announced: [CVE-2022-37969](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37969>) is an elevation of privilege vulnerability affecting the Log File System Driver in all supported versions of Windows, allowing attackers to gain SYSTEM-level access on an asset they’ve already got an initial foothold in. Interestingly, Microsoft credits four separate researchers/organizations for independently reporting this, which may be indicative of relatively widespread exploitation. Also previously disclosed (in March), though less useful to attackers, Microsoft has released a fix for [CVE-2022-23960](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-23960>) (aka Spectre-BHB) for Windows 11 on ARM64. Some of the more noteworthy vulnerabilities this month affect Windows systems with IPSec enabled. [CVE-2022-34718](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34718>) allows remote code execution (RCE) on any Windows system reachable via IPv6; [CVE-2022-34721](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34721>) and [CVE-2022-34722](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34722>) are RCE vulnerabilities in the Windows Internet Key Exchange (IKE) Protocol Extensions. All three CVEs are ranked Critical and carry a CVSSv3 base score of 9.8. Rounding out the Critical RCEs this month are [CVE-2022-35805](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35805>) and [CVE-2022-34700](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34700>), both of which affect Microsoft Dynamics (on-premise) and have a CVSSv3 base score of 8.8. Any such systems should be updated immediately. SharePoint administrators should also be aware of four separate RCEs being addressed this month. They’re ranked Important, meaning Microsoft recommends applying the updates at the earliest opportunity. Finally, a large swath of CVEs affecting OLE DB Provider for SQL Server and the Microsoft ODBC Driver were also fixed. These require some social engineering to exploit, by convincing a user to either connect to a malicious SQL Server or open a maliciously crafted .mdb (Access) file. ## Summary charts ![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/2022-09-vuln_count_severity.png)![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/2022-09-vuln_count_impact.png)![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/2022-09-cvssv3_hist.png)![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/2022-09-vuln_count_component.png) ## Summary tables ### Azure vulnerabilities CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? ---|---|---|---|---|--- [CVE-2022-38007](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38007>) | Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability | No | No | 7.8 | Yes ### Browser vulnerabilities CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? ---|---|---|---|---|--- [CVE-2022-38012](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38012>) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | No | No | 7.7 | Yes [CVE-2022-3075](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3075>) | Chromium: CVE-2022-3075 Insufficient data validation in Mojo | No | No | N/A | Yes [CVE-2022-3058](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3058>) | Chromium: CVE-2022-3058 Use after free in Sign-In Flow | No | No | N/A | Yes [CVE-2022-3057](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3057>) | Chromium: CVE-2022-3057 Inappropriate implementation in iframe Sandbox | No | No | N/A | Yes [CVE-2022-3056](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3056>) | Chromium: CVE-2022-3056 Insufficient policy enforcement in Content Security Policy | No | No | N/A | Yes [CVE-2022-3055](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3055>) | Chromium: CVE-2022-3055 Use after free in Passwords | No | No | N/A | Yes [CVE-2022-3054](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3054>) | Chromium: CVE-2022-3054 Insufficient policy enforcement in DevTools | No | No | N/A | Yes [CVE-2022-3053](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3053>) | Chromium: CVE-2022-3053 Inappropriate implementation in Pointer Lock | No | No | N/A | Yes [CVE-2022-3047](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3047>) | Chromium: CVE-2022-3047 Insufficient policy enforcement in Extensions API | No | No | N/A | Yes [CVE-2022-3046](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3046>) | Chromium: CVE-2022-3046 Use after free in Browser Tag | No | No | N/A | Yes [CVE-2022-3045](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3045>) | Chromium: CVE-2022-3045 Insufficient validation of untrusted input in V8 | No | No | N/A | Yes [CVE-2022-3044](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3044>) | Chromium: CVE-2022-3044 Inappropriate implementation in Site Isolation | No | No | N/A | Yes [CVE-2022-3041](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3041>) | Chromium: CVE-2022-3041 Use after free in WebSQL | No | No | N/A | Yes [CVE-2022-3040](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3040>) | Chromium: CVE-2022-3040 Use after free in Layout | No | No | N/A | Yes [CVE-2022-3039](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3039>) | Chromium: CVE-2022-3039 Use after free in WebSQL | No | No | N/A | Yes [CVE-2022-3038](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3038>) | Chromium: CVE-2022-3038 Use after free in Network Service | No | No | N/A | Yes ### Developer Tools vulnerabilities CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? ---|---|---|---|---|--- [CVE-2022-26929](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26929>) | .NET Framework Remote Code Execution Vulnerability | No | No | 7.8 | Yes [CVE-2022-38013](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013>) | .NET Core and Visual Studio Denial of Service Vulnerability | No | No | 7.5 | No [CVE-2022-38020](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38020>) | Visual Studio Code Elevation of Privilege Vulnerability | No | No | 7.3 | Yes ### ESU vulnerabilities CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? ---|---|---|---|---|--- [CVE-2022-37964](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37964>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No ### Microsoft Dynamics vulnerabilities CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? ---|---|---|---|---|--- [CVE-2022-35805](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35805>) | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-34700](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34700>) | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | No | No | 8.8 | Yes ### Microsoft Office vulnerabilities CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? ---|---|---|---|---|--- [CVE-2022-38008](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38008>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-38009](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38009>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-37961](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37961>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-35823](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35823>) | Microsoft SharePoint Remote Code Execution Vulnerability | No | No | 8.1 | Yes [CVE-2022-37962](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37962>) | Microsoft PowerPoint Remote Code Execution Vulnerability | No | No | 7.8 | Yes [CVE-2022-38010](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38010>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes [CVE-2022-37963](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37963>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes ### System Center vulnerabilities CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? ---|---|---|---|---|--- [CVE-2022-35828](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35828>) | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | No | No | 7.8 | Yes ### Windows vulnerabilities CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? ---|---|---|---|---|--- [CVE-2022-35841](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35841>) | Windows Enterprise App Management Service Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-30196](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30196>) | Windows Secure Channel Denial of Service Vulnerability | No | No | 8.2 | Yes [CVE-2022-37957](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37957>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes [CVE-2022-37954](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37954>) | DirectX Graphics Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes [CVE-2022-38019](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38019>) | AV1 Video Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes [CVE-2022-35838](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35838>) | HTTP V3 Denial of Service Vulnerability | No | No | 7.5 | No [CVE-2022-38011](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38011>) | Raw Image Extension Remote Code Execution Vulnerability | No | No | 7.3 | Yes [CVE-2022-26928](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26928>) | Windows Photo Import API Elevation of Privilege Vulnerability | No | No | 7 | Yes [CVE-2022-34725](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34725>) | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes [CVE-2022-37959](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37959>) | Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability | No | No | 6.5 | Yes [CVE-2022-35831](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35831>) | Windows Remote Access Connection Manager Information Disclosure Vulnerability | No | No | 5.5 | Yes [CVE-2022-34723](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34723>) | Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability | No | No | 5.5 | Yes [CVE-2022-23960](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23960>) | Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability | No | Yes | N/A | Yes ### Windows ESU vulnerabilities CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? ---|---|---|---|---|--- [CVE-2022-34718](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34718>) | Windows TCP/IP Remote Code Execution Vulnerability | No | No | 9.8 | Yes [CVE-2022-34721](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34721>) | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | No | No | 9.8 | Yes [CVE-2022-34722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34722>) | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | No | No | 9.8 | Yes [CVE-2022-35834](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35834>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-35835](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35835>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-35836](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35836>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-35840](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35840>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-34731](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34731>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-34733](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34733>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-34726](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34726>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-34727](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34727>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-34730](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34730>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-34732](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34732>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-34734](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34734>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes [CVE-2022-33679](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33679>) | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 8.1 | Yes [CVE-2022-33647](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33647>) | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 8.1 | Yes [CVE-2022-35830](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35830>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.1 | Yes [CVE-2022-38005](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38005>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | Yes [CVE-2022-30200](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30200>) | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | No | No | 7.8 | Yes [CVE-2022-37956](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37956>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes [CVE-2022-37955](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37955>) | Windows Group Policy Elevation of Privilege Vulnerability | No | No | 7.8 | Yes [CVE-2022-34729](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34729>) | Windows GDI Elevation of Privilege Vulnerability | No | No | 7.8 | Yes [CVE-2022-38004](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38004>) | Windows Fax Service Remote Code Execution Vulnerability | No | No | 7.8 | Yes [CVE-2022-34719](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34719>) | Windows Distributed File System (DFS) Elevation of Privilege Vulnerability | No | No | 7.8 | Yes [CVE-2022-37969](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37969>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Yes | Yes | 7.8 | Yes [CVE-2022-35803](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35803>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | Yes [CVE-2022-35833](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35833>) | Windows Secure Channel Denial of Service Vulnerability | No | No | 7.5 | No [CVE-2022-34720](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34720>) | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | No | No | 7.5 | No [CVE-2022-34724](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34724>) | Windows DNS Server Denial of Service Vulnerability | No | No | 7.5 | No [CVE-2022-37958](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37958>) | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability | No | No | 7.5 | Yes [CVE-2022-30170](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30170>) | Windows Credential Roaming Service Elevation of Privilege Vulnerability | No | No | 7.3 | Yes [CVE-2022-38006](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38006>) | Windows Graphics Component Information Disclosure Vulnerability | No | No | 6.5 | Yes [CVE-2022-34728](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34728>) | Windows Graphics Component Information Disclosure Vulnerability | No | No | 5.5 | Yes [CVE-2022-35832](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35832>) | Windows Event Tracing Denial of Service Vulnerability | No | No | 5.5 | No [CVE-2022-35837](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35837>) | Windows Graphics Component Information Disclosure Vulnerability | No | No | 5 | Yes #### NEVER MISS A BLOG Get the latest stories, expertise, and news about security today. Subscribe

{"id": "RAPID7BLOG:207700353EDB2453B1928E90A6683A0E", "vendorId": null, "type": "rapid7blog", "bulletinFamily": "info", "title": "Patch Tuesday - September 2022", "description": "![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/patches-2.jpg)\n\nThis month\u2019s [Patch Tuesday](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep>) is on the lighter side, with 79 CVEs being fixed by Microsoft (including 16 CVEs affecting Chromium, used by their Edge browser, that were already available). One zero-day was announced: [CVE-2022-37969](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37969>) is an elevation of privilege vulnerability affecting the Log File System Driver in all supported versions of Windows, allowing attackers to gain SYSTEM-level access on an asset they\u2019ve already got an initial foothold in. Interestingly, Microsoft credits four separate researchers/organizations for independently reporting this, which may be indicative of relatively widespread exploitation. Also previously disclosed (in March), though less useful to attackers, Microsoft has released a fix for [CVE-2022-23960](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-23960>) (aka Spectre-BHB) for Windows 11 on ARM64.\n\nSome of the more noteworthy vulnerabilities this month affect Windows systems with IPSec enabled. [CVE-2022-34718](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34718>) allows remote code execution (RCE) on any Windows system reachable via IPv6; [CVE-2022-34721](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34721>) and [CVE-2022-34722](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34722>) are RCE vulnerabilities in the Windows Internet Key Exchange (IKE) Protocol Extensions. All three CVEs are ranked Critical and carry a CVSSv3 base score of 9.8. Rounding out the Critical RCEs this month are [CVE-2022-35805](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35805>) and [CVE-2022-34700](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34700>), both of which affect Microsoft Dynamics (on-premise) and have a CVSSv3 base score of 8.8. Any such systems should be updated immediately.\n\nSharePoint administrators should also be aware of four separate RCEs being addressed this month. They\u2019re ranked Important, meaning Microsoft recommends applying the updates at the earliest opportunity. Finally, a large swath of CVEs affecting OLE DB Provider for SQL Server and the Microsoft ODBC Driver were also fixed. These require some social engineering to exploit, by convincing a user to either connect to a malicious SQL Server or open a maliciously crafted .mdb (Access) file.\n\n## Summary charts\n\n![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/2022-09-vuln_count_severity.png)![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/2022-09-vuln_count_impact.png)![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/2022-09-cvssv3_hist.png)![Patch Tuesday - September 2022](https://blog.rapid7.com/content/images/2022/09/2022-09-vuln_count_component.png)\n\n## Summary tables\n\n### Azure vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-38007](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38007>) | Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n \n### Browser vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-38012](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38012>) | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | No | No | 7.7 | Yes \n[CVE-2022-3075](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3075>) | Chromium: CVE-2022-3075 Insufficient data validation in Mojo | No | No | N/A | Yes \n[CVE-2022-3058](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3058>) | Chromium: CVE-2022-3058 Use after free in Sign-In Flow | No | No | N/A | Yes \n[CVE-2022-3057](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3057>) | Chromium: CVE-2022-3057 Inappropriate implementation in iframe Sandbox | No | No | N/A | Yes \n[CVE-2022-3056](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3056>) | Chromium: CVE-2022-3056 Insufficient policy enforcement in Content Security Policy | No | No | N/A | Yes \n[CVE-2022-3055](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3055>) | Chromium: CVE-2022-3055 Use after free in Passwords | No | No | N/A | Yes \n[CVE-2022-3054](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3054>) | Chromium: CVE-2022-3054 Insufficient policy enforcement in DevTools | No | No | N/A | Yes \n[CVE-2022-3053](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3053>) | Chromium: CVE-2022-3053 Inappropriate implementation in Pointer Lock | No | No | N/A | Yes \n[CVE-2022-3047](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3047>) | Chromium: CVE-2022-3047 Insufficient policy enforcement in Extensions API | No | No | N/A | Yes \n[CVE-2022-3046](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3046>) | Chromium: CVE-2022-3046 Use after free in Browser Tag | No | No | N/A | Yes \n[CVE-2022-3045](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3045>) | Chromium: CVE-2022-3045 Insufficient validation of untrusted input in V8 | No | No | N/A | Yes \n[CVE-2022-3044](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3044>) | Chromium: CVE-2022-3044 Inappropriate implementation in Site Isolation | No | No | N/A | Yes \n[CVE-2022-3041](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3041>) | Chromium: CVE-2022-3041 Use after free in WebSQL | No | No | N/A | Yes \n[CVE-2022-3040](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3040>) | Chromium: CVE-2022-3040 Use after free in Layout | No | No | N/A | Yes \n[CVE-2022-3039](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3039>) | Chromium: CVE-2022-3039 Use after free in WebSQL | No | No | N/A | Yes \n[CVE-2022-3038](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3038>) | Chromium: CVE-2022-3038 Use after free in Network Service | No | No | N/A | Yes \n \n### Developer Tools vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-26929](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26929>) | .NET Framework Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38013](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013>) | .NET Core and Visual Studio Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2022-38020](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38020>) | Visual Studio Code Elevation of Privilege Vulnerability | No | No | 7.3 | Yes \n \n### ESU vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-37964](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37964>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No \n \n### Microsoft Dynamics vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-35805](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35805>) | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34700](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34700>) | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n \n### Microsoft Office vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-38008](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38008>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-38009](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38009>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-37961](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37961>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-35823](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35823>) | Microsoft SharePoint Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-37962](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37962>) | Microsoft PowerPoint Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38010](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38010>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37963](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37963>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n \n### System Center vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-35828](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35828>) | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n \n### Windows vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-35841](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35841>) | Windows Enterprise App Management Service Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-30196](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30196>) | Windows Secure Channel Denial of Service Vulnerability | No | No | 8.2 | Yes \n[CVE-2022-37957](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37957>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37954](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37954>) | DirectX Graphics Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38019](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38019>) | AV1 Video Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35838](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35838>) | HTTP V3 Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2022-38011](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38011>) | Raw Image Extension Remote Code Execution Vulnerability | No | No | 7.3 | Yes \n[CVE-2022-26928](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26928>) | Windows Photo Import API Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-34725](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34725>) | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-37959](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37959>) | Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35831](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35831>) | Windows Remote Access Connection Manager Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-34723](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34723>) | Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-23960](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23960>) | Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability | No | Yes | N/A | Yes \n \n### Windows ESU vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-34718](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34718>) | Windows TCP/IP Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2022-34721](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34721>) | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2022-34722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34722>) | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2022-35834](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35834>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-35835](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35835>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-35836](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35836>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-35840](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35840>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34731](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34731>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34733](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34733>) | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34726](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34726>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34727](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34727>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34730](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34730>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34732](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34732>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-34734](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34734>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-33679](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33679>) | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-33647](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33647>) | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-35830](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35830>) | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-38005](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38005>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-30200](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30200>) | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37956](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37956>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37955](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37955>) | Windows Group Policy Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-34729](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34729>) | Windows GDI Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38004](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38004>) | Windows Fax Service Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-34719](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34719>) | Windows Distributed File System (DFS) Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37969](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37969>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Yes | Yes | 7.8 | Yes \n[CVE-2022-35803](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35803>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-35833](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35833>) | Windows Secure Channel Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2022-34720](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34720>) | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2022-34724](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34724>) | Windows DNS Server Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2022-37958](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37958>) | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2022-30170](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30170>) | Windows Credential Roaming Service Elevation of Privilege Vulnerability | No | No | 7.3 | Yes \n[CVE-2022-38006](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38006>) | Windows Graphics Component Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-34728](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34728>) | Windows Graphics Component Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-35832](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35832>) | Windows Event Tracing Denial of Service Vulnerability | No | No | 5.5 | No \n[CVE-2022-35837](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35837>) | Windows Graphics Component Information Disclosure Vulnerability | No | No | 5 | Yes \n \n#### NEVER MISS A BLOG\n\nGet the latest stories, expertise, and news about security today.\n\nSubscribe", "published": "2022-09-13T20:11:08", "modified": "2022-09-13T20:11:08", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "accessVector": "LOCAL", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9}, "severity": "LOW", "exploitabilityScore": 3.4, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://blog.rapid7.com/2022/09/13/patch-tuesday-september-2022/", "reporter": "Greg Wiseman", "references": [], "cvelist": ["CVE-2022-23960", "CVE-2022-26928", "CVE-2022-26929", "CVE-2022-30170", "CVE-2022-30196", "CVE-2022-30200", "CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3075", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34700", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34723", "CVE-2022-34724", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35805", "CVE-2022-35823", "CVE-2022-35828", "CVE-2022-35830", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35838", "CVE-2022-35840", "CVE-2022-35841", "CVE-2022-37954", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37958", "CVE-2022-37959", "CVE-2022-37961", "CVE-2022-37962", "CVE-2022-37963", "CVE-2022-37964", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006", "CVE-2022-38007", "CVE-2022-38008", "CVE-2022-38009", "CVE-2022-38010", "CVE-2022-38011", "CVE-2022-38012", "CVE-2022-38013", "CVE-2022-38019", "CVE-2022-38020"], "immutableFields": [], "lastseen": "2022-09-13T22:03:40", "viewCount": 143, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2022-1571", "ALAS2-2022-1761"]}, {"type": "androidsecurity", "idList": ["ANDROID:2022-09-01"]}, {"type": "attackerkb", "idList": ["AKB:FECA1489-DC05-4990-A74B-DED8F2AF4441"]}, {"type": "chrome", "idList": ["GCSA-3975554673488527527", "GCSA-6098751293474831349"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2022-3075"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:FD7245C3742F24986DE3C2791BDAC899"]}, {"type": "cve", "idList": ["CVE-2022-23960", "CVE-2022-26928", "CVE-2022-26929", "CVE-2022-30170", "CVE-2022-30196", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34700", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34723", "CVE-2022-34724", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35805", "CVE-2022-35823", "CVE-2022-35828", "CVE-2022-35830", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35838", "CVE-2022-35840", "CVE-2022-35841", "CVE-2022-37954", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37958", "CVE-2022-37959", "CVE-2022-37961", "CVE-2022-37962", "CVE-2022-37963", "CVE-2022-37964", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006", "CVE-2022-38007", "CVE-2022-38008", "CVE-2022-38009", "CVE-2022-38010", "CVE-2022-38011", "CVE-2022-38012", "CVE-2022-38013", "CVE-2022-38019", "CVE-2022-38020"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3065-1:C1710", "DEBIAN:DSA-5173-1:5A28E", "DEBIAN:DSA-5223-1:94035", "DEBIAN:DSA-5225-1:927E5"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-23960", "DEBIANCVE:CVE-2022-3038", "DEBIANCVE:CVE-2022-3039", "DEBIANCVE:CVE-2022-3040", "DEBIANCVE:CVE-2022-3041", "DEBIANCVE:CVE-2022-3044", "DEBIANCVE:CVE-2022-3045", "DEBIANCVE:CVE-2022-3046", "DEBIANCVE:CVE-2022-3047", "DEBIANCVE:CVE-2022-3053", "DEBIANCVE:CVE-2022-3054", "DEBIANCVE:CVE-2022-3055", "DEBIANCVE:CVE-2022-3056", "DEBIANCVE:CVE-2022-3057", "DEBIANCVE:CVE-2022-3058", "DEBIANCVE:CVE-2022-3075"]}, {"type": "freebsd", "idList": ["F2043FF6-2916-11ED-A1EF-3065EC8FD3EC", "F38D25AC-2B7A-11ED-A1EF-3065EC8FD3EC"]}, {"type": "hivepro", "idList": ["HIVEPRO:361A2FB730C7ECAF024FD15C73EB6E93"]}, {"type": "kaspersky", "idList": ["KLA15734", "KLA15736"]}, {"type": "mageia", "idList": ["MGASA-2022-0100", "MGASA-2022-0101", "MGASA-2022-0318"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:08FDD3DEF41B63F1DEB23C21DCFDB12D"]}, {"type": "mscve", "idList": ["MS:CVE-2022-23960", "MS:CVE-2022-26928", "MS:CVE-2022-26929", "MS:CVE-2022-30170", "MS:CVE-2022-30196", "MS:CVE-2022-30200", "MS:CVE-2022-3038", "MS:CVE-2022-3039", "MS:CVE-2022-3040", "MS:CVE-2022-3041", "MS:CVE-2022-3044", "MS:CVE-2022-3045", "MS:CVE-2022-3046", "MS:CVE-2022-3047", "MS:CVE-2022-3053", "MS:CVE-2022-3054", "MS:CVE-2022-3055", "MS:CVE-2022-3056", "MS:CVE-2022-3057", "MS:CVE-2022-3058", "MS:CVE-2022-3075", "MS:CVE-2022-33647", "MS:CVE-2022-33679", "MS:CVE-2022-34700", "MS:CVE-2022-34718", "MS:CVE-2022-34719", "MS:CVE-2022-34720", "MS:CVE-2022-34721", "MS:CVE-2022-34722", "MS:CVE-2022-34723", "MS:CVE-2022-34724", "MS:CVE-2022-34725", "MS:CVE-2022-34726", "MS:CVE-2022-34727", "MS:CVE-2022-34728", "MS:CVE-2022-34729", "MS:CVE-2022-34730", "MS:CVE-2022-34731", "MS:CVE-2022-34732", "MS:CVE-2022-34733", "MS:CVE-2022-34734", "MS:CVE-2022-35803", "MS:CVE-2022-35805", "MS:CVE-2022-35823", "MS:CVE-2022-35828", "MS:CVE-2022-35830", "MS:CVE-2022-35831", "MS:CVE-2022-35832", "MS:CVE-2022-35833", "MS:CVE-2022-35834", "MS:CVE-2022-35835", "MS:CVE-2022-35836", "MS:CVE-2022-35837", "MS:CVE-2022-35838", "MS:CVE-2022-35840", "MS:CVE-2022-35841", "MS:CVE-2022-37954", "MS:CVE-2022-37955", "MS:CVE-2022-37956", "MS:CVE-2022-37957", "MS:CVE-2022-37958", "MS:CVE-2022-37959", "MS:CVE-2022-37961", "MS:CVE-2022-37962", "MS:CVE-2022-37963", "MS:CVE-2022-37964", "MS:CVE-2022-37969", "MS:CVE-2022-38004", "MS:CVE-2022-38005", "MS:CVE-2022-38006", "MS:CVE-2022-38007", "MS:CVE-2022-38008", "MS:CVE-2022-38009", "MS:CVE-2022-38010", "MS:CVE-2022-38011", "MS:CVE-2022-38012", "MS:CVE-2022-38013", "MS:CVE-2022-38019", "MS:CVE-2022-38020"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-039.NASL", "AL2_ALAS-2022-1761.NASL", "AL2_ALASKERNEL-5_10-2022-011.NASL", "AL2_ALASKERNEL-5_4-2022-023.NASL", "ALA_ALAS-2022-1571.NASL", "DEBIAN_DLA-3065.NASL", "DEBIAN_DSA-5173.NASL", "DEBIAN_DSA-5223.NASL", "DEBIAN_DSA-5225.NASL", "EULEROS_SA-2022-1934.NASL", "EULEROS_SA-2022-1969.NASL", "EULEROS_SA-2022-2110.NASL", "EULEROS_SA-2022-2159.NASL", "FREEBSD_PKG_F2043FF6291611EDA1EF3065EC8FD3EC.NASL", "FREEBSD_PKG_F38D25AC2B7A11EDA1EF3065EC8FD3EC.NASL", "GOOGLE_CHROME_105_0_5195_102.NASL", "GOOGLE_CHROME_105_0_5195_52.NASL", "MACOSX_GOOGLE_CHROME_105_0_5195_102.NASL", "MACOSX_GOOGLE_CHROME_105_0_5195_52.NASL", "MICROSOFT_EDGE_CHROMIUM_105_0_1343_25.NASL", "MICROSOFT_EDGE_CHROMIUM_105_0_1343_27.NASL", "OPENSUSE-2022-10118-1.NASL", "OPENSUSE-2022-10119-1.NASL", "ORACLELINUX_ELSA-2022-9244.NASL", "ORACLELINUX_ELSA-2022-9245.NASL", "ORACLELINUX_ELSA-2022-9273.NASL", "ORACLELINUX_ELSA-2022-9274.NASL", "SLACKWARE_SSA_2022-129-01.NASL", "SUSE_SU-2022-1196-1.NASL", "SUSE_SU-2022-1651-1.NASL", "UBUNTU_USN-5317-1.NASL", "UBUNTU_USN-5318-1.NASL", "UBUNTU_USN-5362-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-9244", "ELSA-2022-9245", "ELSA-2022-9273", "ELSA-2022-9274"]}, {"type": "osv", "idList": ["OSV:DLA-3065-1", "OSV:DSA-5173-1", "OSV:DSA-5223-1", "OSV:DSA-5225-1"]}, {"type": "photon", "idList": ["PHSA-2022-0393"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:55DEB69D0C94AA59433F0E33F7B45AEC", "QUALYSBLOG:9404839CD3C8BAC4F52CB2E5E91BC85E", "QUALYSBLOG:DE2E40D3BB574E53C7448F3A304849C9"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-23960"]}, {"type": "slackware", "idList": ["SSA-2022-129-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:10117-1", "OPENSUSE-SU-2022:10118-1", "OPENSUSE-SU-2022:10119-1", "OPENSUSE-SU-2022:10120-1"]}, {"type": "talosblog", "idList": ["TALOSBLOG:E99AAC7F44B9D1EA471CB0F2A592FA92"]}, {"type": "thn", "idList": ["THN:0ADE883013E260B4548F6E16D65487D3"]}, {"type": "ubuntu", "idList": ["USN-5317-1", "USN-5318-1", "USN-5362-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-23960", "UB:CVE-2022-3038", "UB:CVE-2022-3039", "UB:CVE-2022-3040", "UB:CVE-2022-3041", "UB:CVE-2022-3044", "UB:CVE-2022-3045", "UB:CVE-2022-3046", "UB:CVE-2022-3047", "UB:CVE-2022-3053", "UB:CVE-2022-3054", "UB:CVE-2022-3055", "UB:CVE-2022-3056", "UB:CVE-2022-3057", "UB:CVE-2022-3058", "UB:CVE-2022-3075"]}, {"type": "veracode", "idList": ["VERACODE:35289"]}, {"type": "xen", "idList": ["XSA-398"]}]}, "score": {"value": 1.1, "vector": "NONE"}, "vulnersScore": 1.1}, "_state": {"dependencies": 1663106887, "score": 1663107179}, "_internal": {"score_hash": "20ccd7495f8b73bdd7e18d0f0150f790"}}

{"nessus": [{"lastseen": "2023-01-30T16:15:38", "description": "The remote Windows host is missing security update 5017305. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017305: Windows 10 Version 1607 and Windows Server 2016 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26928", "CVE-2022-26929", "CVE-2022-30170", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34724", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35830", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35840", "CVE-2022-35841", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37958", "CVE-2022-37959", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017305.NASL", "href": "https://www.tenable.com/plugins/nessus/164996", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164996);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-26928\",\n \"CVE-2022-26929\",\n \"CVE-2022-30170\",\n \"CVE-2022-30200\",\n \"CVE-2022-33647\",\n \"CVE-2022-33679\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34724\",\n \"CVE-2022-34725\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35830\",\n \"CVE-2022-35831\",\n \"CVE-2022-35832\",\n \"CVE-2022-35833\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35840\",\n \"CVE-2022-35841\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37957\",\n \"CVE-2022-37958\",\n \"CVE-2022-37959\",\n \"CVE-2022-37969\",\n \"CVE-2022-38004\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017305\");\n script_xref(name:\"MSFT\", value:\"MS22-5017305\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0376-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0042\");\n\n script_name(english:\"KB5017305: Windows 10 Version 1607 and Windows Server 2016 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017305. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017305\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017305\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35840\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017305'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:14393,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017305])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-30T16:15:38", "description": "The remote Windows host is missing security update 5017373. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\n - Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-33647, CVE-2022-33679)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017373: Windows Server 2008 R2 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26929", "CVE-2022-30170", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34724", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35830", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35840", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37958", "CVE-2022-37964", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017373.NASL", "href": "https://www.tenable.com/plugins/nessus/165002", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165002);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-26929\",\n \"CVE-2022-30170\",\n \"CVE-2022-30200\",\n \"CVE-2022-33647\",\n \"CVE-2022-33679\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34724\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35830\",\n \"CVE-2022-35832\",\n \"CVE-2022-35833\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35840\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37958\",\n \"CVE-2022-37964\",\n \"CVE-2022-37969\",\n \"CVE-2022-38004\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017361\");\n script_xref(name:\"MSKB\", value:\"5017373\");\n script_xref(name:\"MSFT\", value:\"MS22-5017361\");\n script_xref(name:\"MSFT\", value:\"MS22-5017373\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0376-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0042\");\n\n script_name(english:\"KB5017373: Windows Server 2008 R2 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017373. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\n - Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-33647, CVE-2022-33679)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017373\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017373 or Cumulative Update 5017361\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35840\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017373',\n '5017361'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.1',\n sp:1,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017373, 5017361])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-30T16:15:37", "description": "The remote Windows host is missing security update 5017315. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Secure Channel Denial of Service Vulnerability (CVE-2022-30196, CVE-2022-35833)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017315: Windows 10 version 1809 / Windows Server 2019 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26928", "CVE-2022-26929", "CVE-2022-30170", "CVE-2022-30196", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34724", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35830", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35840", "CVE-2022-35841", "CVE-2022-37954", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37958", "CVE-2022-37959", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017315.NASL", "href": "https://www.tenable.com/plugins/nessus/164997", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164997);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-26928\",\n \"CVE-2022-26929\",\n \"CVE-2022-30170\",\n \"CVE-2022-30196\",\n \"CVE-2022-30200\",\n \"CVE-2022-33647\",\n \"CVE-2022-33679\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34724\",\n \"CVE-2022-34725\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35830\",\n \"CVE-2022-35831\",\n \"CVE-2022-35832\",\n \"CVE-2022-35833\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35840\",\n \"CVE-2022-35841\",\n \"CVE-2022-37954\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37957\",\n \"CVE-2022-37958\",\n \"CVE-2022-37959\",\n \"CVE-2022-37969\",\n \"CVE-2022-38004\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017315\");\n script_xref(name:\"MSFT\", value:\"MS22-5017315\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0376-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0042\");\n\n script_name(english:\"KB5017315: Windows 10 version 1809 / Windows Server 2019 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017315. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Secure Channel Denial of Service Vulnerability (CVE-2022-30196, CVE-2022-35833)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017315\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017315\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35840\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017315'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:17763,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017315])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-30T16:16:48", "description": "The remote Windows host is missing security update 5017371. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\n - Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-33647, CVE-2022-33679)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017371: Windows Server 2008 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26929", "CVE-2022-30170", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34724", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35830", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35840", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37964", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017371.NASL", "href": "https://www.tenable.com/plugins/nessus/165004", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165004);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-26929\",\n \"CVE-2022-30170\",\n \"CVE-2022-30200\",\n \"CVE-2022-33647\",\n \"CVE-2022-33679\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34724\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35830\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35840\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37964\",\n \"CVE-2022-37969\",\n \"CVE-2022-38004\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017358\");\n script_xref(name:\"MSKB\", value:\"5017371\");\n script_xref(name:\"MSFT\", value:\"MS22-5017358\");\n script_xref(name:\"MSFT\", value:\"MS22-5017371\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n\n script_name(english:\"KB5017371: Windows Server 2008 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017371. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\n - Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-33647, CVE-2022-33679)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017371\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017371 or Cumulative Update 5017358\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35840\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017371',\n '5017358'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.0',\n sp:2,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017371, 5017358])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-30T16:15:55", "description": "The remote Windows host is missing security update 5017392. It is, therefore, affected by multiple vulnerabilities\n\n - HTTP V3 Denial of Service Vulnerability (CVE-2022-35838)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Secure Channel Denial of Service Vulnerability (CVE-2022-30196, CVE-2022-35833)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017392: Windows Server 2022 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30170", "CVE-2022-30196", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34724", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35830", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35838", "CVE-2022-35840", "CVE-2022-35841", "CVE-2022-37954", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37958", "CVE-2022-37959", "CVE-2022-37969", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017392.NASL", "href": "https://www.tenable.com/plugins/nessus/165000", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165000);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-30170\",\n \"CVE-2022-30196\",\n \"CVE-2022-30200\",\n \"CVE-2022-33647\",\n \"CVE-2022-33679\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34724\",\n \"CVE-2022-34725\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35830\",\n \"CVE-2022-35831\",\n \"CVE-2022-35832\",\n \"CVE-2022-35833\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35838\",\n \"CVE-2022-35840\",\n \"CVE-2022-35841\",\n \"CVE-2022-37954\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37958\",\n \"CVE-2022-37959\",\n \"CVE-2022-37969\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017392\");\n script_xref(name:\"MSFT\", value:\"MS22-5017392\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0042\");\n\n script_name(english:\"KB5017392: Windows Server 2022 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017392. It is, therefore, affected by multiple vulnerabilities\n\n - HTTP V3 Denial of Service Vulnerability (CVE-2022-35838)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Secure Channel Denial of Service Vulnerability (CVE-2022-30196, CVE-2022-35833)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017392\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017392\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35840\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017316',\n '5017392'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:20348,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017316, 5017392])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-30T16:16:10", "description": "The remote Windows host is missing security update 5017328. It is, therefore, affected by multiple vulnerabilities\n\n - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. (CVE-2022-23960)\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017328: Windows 11 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23960", "CVE-2022-26928", "CVE-2022-30170", "CVE-2022-30196", "CVE-2022-30200", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34723", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35838", "CVE-2022-35840", "CVE-2022-35841", "CVE-2022-37954", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37958", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017328.NASL", "href": "https://www.tenable.com/plugins/nessus/164998", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164998);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-23960\",\n \"CVE-2022-26928\",\n \"CVE-2022-30170\",\n \"CVE-2022-30196\",\n \"CVE-2022-30200\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34723\",\n \"CVE-2022-34725\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35831\",\n \"CVE-2022-35832\",\n \"CVE-2022-35833\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35838\",\n \"CVE-2022-35840\",\n \"CVE-2022-35841\",\n \"CVE-2022-37954\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37957\",\n \"CVE-2022-37958\",\n \"CVE-2022-37969\",\n \"CVE-2022-38004\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017328\");\n script_xref(name:\"MSFT\", value:\"MS22-5017328\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0042\");\n\n script_name(english:\"KB5017328: Windows 11 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017328. It is, therefore, affected by multiple vulnerabilities\n\n - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation,\n aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to\n influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive\n information. (CVE-2022-23960)\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017328\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017328\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017328\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017328'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:22000,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017328])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-30T16:16:28", "description": "The remote Windows host is missing security update 5017327. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017327: Windows 10 LTS 1507 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26928", "CVE-2022-26929", "CVE-2022-30170", "CVE-2022-30200", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35840", "CVE-2022-35841", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37958", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017327.NASL", "href": "https://www.tenable.com/plugins/nessus/165006", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165006);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-26928\",\n \"CVE-2022-26929\",\n \"CVE-2022-30170\",\n \"CVE-2022-30200\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34725\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35831\",\n \"CVE-2022-35832\",\n \"CVE-2022-35833\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35840\",\n \"CVE-2022-35841\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37958\",\n \"CVE-2022-37969\",\n \"CVE-2022-38004\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017327\");\n script_xref(name:\"MSFT\", value:\"MS22-5017327\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0376-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0042\");\n\n script_name(english:\"KB5017327: Windows 10 LTS 1507 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017327. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017327\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017327\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017327\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35840\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017327'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:10240,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017327])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-30T16:15:55", "description": "The remote Windows host is missing security update 5017377. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\n - Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-33647, CVE-2022-33679)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017377: Windows Server 2012 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26929", "CVE-2022-30170", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34724", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35830", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35840", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37958", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017377.NASL", "href": "https://www.tenable.com/plugins/nessus/165007", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165007);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-26929\",\n \"CVE-2022-30170\",\n \"CVE-2022-30200\",\n \"CVE-2022-33647\",\n \"CVE-2022-33679\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34724\",\n \"CVE-2022-34725\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35830\",\n \"CVE-2022-35833\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35840\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37958\",\n \"CVE-2022-37969\",\n \"CVE-2022-38004\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017370\");\n script_xref(name:\"MSKB\", value:\"5017377\");\n script_xref(name:\"MSFT\", value:\"MS22-5017370\");\n script_xref(name:\"MSFT\", value:\"MS22-5017377\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0376-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0042\");\n\n script_name(english:\"KB5017377: Windows Server 2012 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017377. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\n - Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-33647, CVE-2022-33679)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017377\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017377\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017377 or Cumulative Update 5017370\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35840\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017377',\n '5017370'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.2',\n sp:0,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017377, 5017370])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-30T16:15:55", "description": "The remote Windows host is missing security update 5017308. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Secure Channel Denial of Service Vulnerability (CVE-2022-30196, CVE-2022-35833)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017308: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26928", "CVE-2022-30170", "CVE-2022-30196", "CVE-2022-30200", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35840", "CVE-2022-35841", "CVE-2022-37954", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37958", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017308.NASL", "href": "https://www.tenable.com/plugins/nessus/164994", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164994);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-26928\",\n \"CVE-2022-30170\",\n \"CVE-2022-30196\",\n \"CVE-2022-30200\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34725\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35831\",\n \"CVE-2022-35832\",\n \"CVE-2022-35833\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35840\",\n \"CVE-2022-35841\",\n \"CVE-2022-37954\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37957\",\n \"CVE-2022-37958\",\n \"CVE-2022-37969\",\n \"CVE-2022-38004\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017308\");\n script_xref(name:\"MSFT\", value:\"MS22-5017308\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0042\");\n\n script_name(english:\"KB5017308: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017308. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Secure Channel Denial of Service Vulnerability (CVE-2022-30196, CVE-2022-35833)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017308\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017308\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35840\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017308'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nvar os_name = get_kb_item(\"SMB/ProductName\");\n\nif ( ( (\"enterprise\" >< tolower(os_name) || \"education\" >< tolower(os_name))\n &&\n smb_check_rollup(os:'10',\n os_build:19042,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017308]) \n )\n ||\n smb_check_rollup(os:'10',\n os_build:19043,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017308])\n || \n smb_check_rollup(os:'10',\n os_build:19044,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017308])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-30T16:16:10", "description": "The remote Windows host is missing security update 5017365. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\n - Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-33647, CVE-2022-33679)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "KB5017365: Windows Server 2012 R2 Security Update (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-30170", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34724", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35830", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35840", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37958", "CVE-2022-37959", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2023-01-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEP_5017365.NASL", "href": "https://www.tenable.com/plugins/nessus/165005", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165005);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/30\");\n\n script_cve_id(\n \"CVE-2022-30170\",\n \"CVE-2022-30200\",\n \"CVE-2022-33647\",\n \"CVE-2022-33679\",\n \"CVE-2022-34718\",\n \"CVE-2022-34719\",\n \"CVE-2022-34720\",\n \"CVE-2022-34721\",\n \"CVE-2022-34722\",\n \"CVE-2022-34724\",\n \"CVE-2022-34725\",\n \"CVE-2022-34726\",\n \"CVE-2022-34727\",\n \"CVE-2022-34728\",\n \"CVE-2022-34729\",\n \"CVE-2022-34730\",\n \"CVE-2022-34731\",\n \"CVE-2022-34732\",\n \"CVE-2022-34733\",\n \"CVE-2022-34734\",\n \"CVE-2022-35803\",\n \"CVE-2022-35830\",\n \"CVE-2022-35831\",\n \"CVE-2022-35832\",\n \"CVE-2022-35833\",\n \"CVE-2022-35834\",\n \"CVE-2022-35835\",\n \"CVE-2022-35836\",\n \"CVE-2022-35837\",\n \"CVE-2022-35840\",\n \"CVE-2022-37955\",\n \"CVE-2022-37956\",\n \"CVE-2022-37958\",\n \"CVE-2022-37959\",\n \"CVE-2022-37969\",\n \"CVE-2022-38004\",\n \"CVE-2022-38005\",\n \"CVE-2022-38006\"\n );\n script_xref(name:\"MSKB\", value:\"5017365\");\n script_xref(name:\"MSKB\", value:\"5017367\");\n script_xref(name:\"MSFT\", value:\"MS22-5017365\");\n script_xref(name:\"MSFT\", value:\"MS22-5017367\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0376-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0369-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0368-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0042\");\n\n script_name(english:\"KB5017365: Windows Server 2012 R2 Security Update (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5017365. It is, therefore, affected by multiple vulnerabilities\n\n - Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)\n\n - Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30200)\n\n - Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-33647, CVE-2022-33679)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017365\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5017367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017365\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5017367\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5017365 or Cumulative Update 5017367\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35840\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-34722\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-09';\nkbs = make_list(\n '5017367',\n '5017365'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.3',\n sp:0,\n rollup_date:'09_2022',\n bulletin:bulletin,\n rollup_kb_list:[5017367, 5017365])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:28:40", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 105.0.1343.25. It is, therefore, affected by multiple vulnerabilities as referenced in the September 1, 2022 advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-02T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 105.0.1343.25 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-38012"], "modified": "2022-10-11T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_105_0_1343_25.NASL", "href": "https://www.tenable.com/plugins/nessus/164638", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164638);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/11\");\n\n script_cve_id(\n \"CVE-2022-3038\",\n \"CVE-2022-3039\",\n \"CVE-2022-3040\",\n \"CVE-2022-3041\",\n \"CVE-2022-3044\",\n \"CVE-2022-3045\",\n \"CVE-2022-3046\",\n \"CVE-2022-3047\",\n \"CVE-2022-3053\",\n \"CVE-2022-3054\",\n \"CVE-2022-3055\",\n \"CVE-2022-3056\",\n \"CVE-2022-3057\",\n \"CVE-2022-3058\",\n \"CVE-2022-38012\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0361-S\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 105.0.1343.25 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 105.0.1343.25. It is, therefore, affected\nby multiple vulnerabilities as referenced in the September 1, 2022 advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#september-1-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?31d28038\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3038\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3039\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3041\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3044\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38012\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 105.0.1343.25 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3058\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '105.0.1343.25' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:33:33", "description": "The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-16T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft SharePoint Server 2016 (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-35823", "CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:*"], "id": "SMB_NT_MS22_SEP_OFFICE_SHAREPOINT_2016.NASL", "href": "https://www.tenable.com/plugins/nessus/165212", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165212);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2022-35823\",\n \"CVE-2022-37961\",\n \"CVE-2022-38008\",\n \"CVE-2022-38009\"\n );\n script_xref(name:\"MSKB\", value:\"5002269\");\n script_xref(name:\"MSFT\", value:\"MS22-5002269\");\n script_xref(name:\"IAVA\", value:\"2022-A-0371-S\");\n\n script_name(english:\"Security Updates for Microsoft SharePoint Server 2016 (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft SharePoint Server 2016 installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. \nIt is, therefore, affected by a remote code execution vulnerability. An attacker can\nexploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002269\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5002269 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38009\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_sharepoint_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::sharepoint::get_app_info();\nvar kb_checks = \n[\n {\n 'product' : '2016',\n 'edition' : 'Server',\n 'kb' : '5002269',\n 'path' : app_info.path,\n 'version' : '16.0.5361.1002',\n 'append' : 'webservices\\\\conversionservices',\n 'file' : 'sword.dll',\n 'product_name' : 'Microsoft Sharepoint Enterprise Server 2016 SP1' \n }\n];\nvcf::microsoft::sharepoint::check_version_and_report\n(\n app_info:app_info, \n bulletin:'MS22-09',\n constraints:kb_checks, \n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:33:16", "description": "The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-16T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft SharePoint Server 2013 (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-35823", "CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:microsoft:sharepoint_server"], "id": "SMB_NT_MS22_SEP_OFFICE_SHAREPOINT_2013.NASL", "href": "https://www.tenable.com/plugins/nessus/165211", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165211);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2022-35823\",\n \"CVE-2022-37961\",\n \"CVE-2022-38008\",\n \"CVE-2022-38009\"\n );\n script_xref(name:\"MSKB\", value:\"5002267\");\n script_xref(name:\"MSFT\", value:\"MS22-5002267\");\n script_xref(name:\"IAVA\", value:\"2022-A-0371-S\");\n\n script_name(english:\"Security Updates for Microsoft SharePoint Server 2013 (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft SharePoint Server 2013 installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. \nIt is, therefore, affected by a remote code execution vulnerability. An attacker can\nexploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002267\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB5002219\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38009\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_sharepoint_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::sharepoint::get_app_info();\nvar kb_checks = \n[\n {\n 'product' : '2013',\n 'edition' : 'Foundation',\n 'sp' : '1',\n 'kb' : '5002267',\n 'path' : app_info.hotfix_path,\n 'version' : '15.0.5485.1000',\n 'append' : 'microsoft shared\\\\web server extensions\\\\15\\\\bin',\n 'file' : 'onetutil.dll',\n 'product_name' : 'Microsoft Sharepoint Foundation 2013 SP1' \n }\n];\nvcf::microsoft::sharepoint::check_version_and_report\n(\n app_info:app_info, \n bulletin:'MS22-09',\n constraints:kb_checks, \n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:32:38", "description": "The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-16T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft SharePoint Server Subscription Edition (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-35823", "CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:*"], "id": "SMB_NT_MS22_SEP_OFFICE_SHAREPOINT_SUBSCR.NASL", "href": "https://www.tenable.com/plugins/nessus/165214", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165214);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2022-35823\",\n \"CVE-2022-37961\",\n \"CVE-2022-38008\",\n \"CVE-2022-38009\"\n );\n script_xref(name:\"MSKB\", value:\"5002271\");\n script_xref(name:\"MSFT\", value:\"MS22-5002271\");\n script_xref(name:\"IAVA\", value:\"2022-A-0371-S\");\n\n script_name(english:\"Security Updates for Microsoft SharePoint Server Subscription Edition (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft SharePoint Server Subscription Edition installation on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. \nIt is, therefore, affected by a remote code execution vulnerability. An attacker can\nexploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002271\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5002271 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38009\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_sharepoint_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::sharepoint::get_app_info();\nvar kb_checks = \n[\n {\n 'product' : 'Subscription Edition',\n 'edition' : 'Server',\n 'kb' : '5002271',\n 'path' : app_info.path,\n 'version' : '16.0.15601.20052',\n 'append' : 'webservices\\\\conversionservices',\n 'file' : 'pptconversion.dll',\n 'product_name' : 'Microsoft SharePoint Enterprise Server Subscription Edition'\n }\n];\nvcf::microsoft::sharepoint::check_version_and_report\n(\n app_info:app_info, \n bulletin:'MS22-09',\n constraints:kb_checks, \n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:31:37", "description": "The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-16T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft SharePoint Server 2019 (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-35823", "CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:*"], "id": "SMB_NT_MS22_SEP_OFFICE_SHAREPOINT_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/165213", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165213);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2022-35823\",\n \"CVE-2022-37961\",\n \"CVE-2022-38008\",\n \"CVE-2022-38009\"\n );\n script_xref(name:\"MSKB\", value:\"5002258\");\n script_xref(name:\"MSFT\", value:\"MS22-5002258\");\n script_xref(name:\"IAVA\", value:\"2022-A-0371-S\");\n\n script_name(english:\"Security Updates for Microsoft SharePoint Server 2019 (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft SharePoint Server 2019 installation on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. \nIt is, therefore, affected by a remote code execution vulnerability. An attacker can\nexploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002258\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5002258 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38009\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_sharepoint_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::sharepoint::get_app_info();\nvar kb_checks = \n[\n {\n 'product' : '2019',\n 'edition' : 'Server',\n 'kb' : '5002258',\n 'path' : app_info.path,\n 'version' : '16.0.10390.20000',\n 'append' : 'bin',\n 'file' : 'ascalc.dll',\n 'product_name' : 'Microsoft SharePoint Enterprise Server 2019'\n }\n];\nvcf::microsoft::sharepoint::check_version_and_report\n(\n app_info:app_info, \n bulletin:'MS22-09',\n constraints:kb_checks, \n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:28:16", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f2043ff6-2916-11ed-a1ef-3065ec8fd3ec advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Use after free in PhoneHub. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048)\n\n - Use after free in SplitScreen. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-31T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (f2043ff6-2916-11ed-a1ef-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058"], "modified": "2022-10-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_F2043FF6291611EDA1EF3065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/164520", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164520);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/04\");\n\n script_cve_id(\n \"CVE-2022-3038\",\n \"CVE-2022-3039\",\n \"CVE-2022-3040\",\n \"CVE-2022-3041\",\n \"CVE-2022-3042\",\n \"CVE-2022-3043\",\n \"CVE-2022-3044\",\n \"CVE-2022-3045\",\n \"CVE-2022-3046\",\n \"CVE-2022-3047\",\n \"CVE-2022-3048\",\n \"CVE-2022-3049\",\n \"CVE-2022-3050\",\n \"CVE-2022-3051\",\n \"CVE-2022-3052\",\n \"CVE-2022-3053\",\n \"CVE-2022-3054\",\n \"CVE-2022-3055\",\n \"CVE-2022-3056\",\n \"CVE-2022-3057\",\n \"CVE-2022-3058\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0346-S\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (f2043ff6-2916-11ed-a1ef-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the f2043ff6-2916-11ed-a1ef-3065ec8fd3ec advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Use after free in PhoneHub. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048)\n\n - Use after free in SplitScreen. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?613dc709\");\n # https://vuxml.freebsd.org/freebsd/f2043ff6-2916-11ed-a1ef-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?33f35751\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3058\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"false\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'chromium<105.0.5195.52'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:31:47", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10119-1 advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Use after free in PhoneHub. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048)\n\n - Use after free in SplitScreen. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\n - Use after free in Tab Strip. (CVE-2022-3071)\n\n - Insufficient data validation in Mojo. (CVE-2022-3075)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10119-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071", "CVE-2022-3075"], "modified": "2022-10-03T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.4"], "id": "OPENSUSE-2022-10119-1.NASL", "href": "https://www.tenable.com/plugins/nessus/164951", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:10119-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164951);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/03\");\n\n script_cve_id(\n \"CVE-2022-3038\",\n \"CVE-2022-3039\",\n \"CVE-2022-3040\",\n \"CVE-2022-3041\",\n \"CVE-2022-3042\",\n \"CVE-2022-3043\",\n \"CVE-2022-3044\",\n \"CVE-2022-3045\",\n \"CVE-2022-3046\",\n \"CVE-2022-3047\",\n \"CVE-2022-3048\",\n \"CVE-2022-3049\",\n \"CVE-2022-3050\",\n \"CVE-2022-3051\",\n \"CVE-2022-3052\",\n \"CVE-2022-3053\",\n \"CVE-2022-3054\",\n \"CVE-2022-3055\",\n \"CVE-2022-3056\",\n \"CVE-2022-3057\",\n \"CVE-2022-3058\",\n \"CVE-2022-3071\",\n \"CVE-2022-3075\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/09/29\");\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10119-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:10119-1 advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Use after free in PhoneHub. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048)\n\n - Use after free in SplitScreen. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\n - Use after free in Tab Strip. (CVE-2022-3071)\n\n - Insufficient data validation in Mojo. (CVE-2022-3075)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202403\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203102\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GAVZ7A2NRXHLI7C5TFF7GQHYKEGQIQRR/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?492af222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3038\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3039\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3041\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3043\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3044\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3049\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3050\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3071\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3075\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3071\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3075\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.4\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"false\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.4', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-105.0.5195.102-bp154.2.26.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-105.0.5195.102-bp154.2.26.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-105.0.5195.102-bp154.2.26.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-105.0.5195.102-bp154.2.26.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:33:03", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10120-1 advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Use after free in PhoneHub. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048)\n\n - Use after free in SplitScreen. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\n - Use after free in Tab Strip. (CVE-2022-3071)\n\n - Insufficient data validation in Mojo. (CVE-2022-3075)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-09-16T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10120-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071", "CVE-2022-3075"], "modified": "2022-10-03T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-10120-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165221", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:10120-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165221);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/03\");\n\n script_cve_id(\n \"CVE-2022-3038\",\n \"CVE-2022-3039\",\n \"CVE-2022-3040\",\n \"CVE-2022-3041\",\n \"CVE-2022-3042\",\n \"CVE-2022-3043\",\n \"CVE-2022-3044\",\n \"CVE-2022-3045\",\n \"CVE-2022-3046\",\n \"CVE-2022-3047\",\n \"CVE-2022-3048\",\n \"CVE-2022-3049\",\n \"CVE-2022-3050\",\n \"CVE-2022-3051\",\n \"CVE-2022-3052\",\n \"CVE-2022-3053\",\n \"CVE-2022-3054\",\n \"CVE-2022-3055\",\n \"CVE-2022-3056\",\n \"CVE-2022-3057\",\n \"CVE-2022-3058\",\n \"CVE-2022-3071\",\n \"CVE-2022-3075\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/09/29\");\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10120-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:10120-1 advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Use after free in PhoneHub. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048)\n\n - Use after free in SplitScreen. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\n - Use after free in Tab Strip. (CVE-2022-3071)\n\n - Insufficient data validation in Mojo. (CVE-2022-3075)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202403\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203102\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2EVLCBABO7RGGUVQCAZPA7MNGKWHWCJN/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?425ec14b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3038\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3039\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3041\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3043\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3044\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3049\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3050\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3071\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3075\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3071\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3075\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"false\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-105.0.5195.102-bp153.2.119.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-105.0.5195.102-bp153.2.119.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-105.0.5195.102-bp153.2.119.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-105.0.5195.102-bp153.2.119.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:28:37", "description": "The version of Google Chrome installed on the remote macOS host is prior to 105.0.5195.52. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_08_stable-channel-update-for-desktop_30 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-30T00:00:00", "type": "nessus", "title": "Google Chrome < 105.0.5195.52 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071"], "modified": "2022-10-04T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_105_0_5195_52.NASL", "href": "https://www.tenable.com/plugins/nessus/164509", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164509);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/04\");\n\n script_cve_id(\n \"CVE-2022-3038\",\n \"CVE-2022-3039\",\n \"CVE-2022-3040\",\n \"CVE-2022-3041\",\n \"CVE-2022-3042\",\n \"CVE-2022-3043\",\n \"CVE-2022-3044\",\n \"CVE-2022-3045\",\n \"CVE-2022-3046\",\n \"CVE-2022-3047\",\n \"CVE-2022-3048\",\n \"CVE-2022-3049\",\n \"CVE-2022-3050\",\n \"CVE-2022-3051\",\n \"CVE-2022-3052\",\n \"CVE-2022-3053\",\n \"CVE-2022-3054\",\n \"CVE-2022-3055\",\n \"CVE-2022-3056\",\n \"CVE-2022-3057\",\n \"CVE-2022-3058\",\n \"CVE-2022-3071\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0346-S\");\n\n script_name(english:\"Google Chrome < 105.0.5195.52 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 105.0.5195.52. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2022_08_stable-channel-update-for-desktop_30 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?613dc709\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1340253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1343348\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1341539\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1345947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1338553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1336979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1051198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1339648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1346245\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1342586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1303308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1316892\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1337132\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1345245\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1346154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1290236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1351969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1329460\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1336904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1337676\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 105.0.5195.52 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3058\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3071\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"false\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'105.0.5195.52', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:27:51", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5223 advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Use after free in PhoneHub. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048)\n\n - Use after free in SplitScreen. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\n - Use after free in Tab Strip. (CVE-2022-3071)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-02T00:00:00", "type": "nessus", "title": "Debian DSA-5223-1 : chromium - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071"], "modified": "2022-10-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "p-cpe:/a:debian:debian_linux:chromium-common", "p-cpe:/a:debian:debian_linux:chromium-driver", "p-cpe:/a:debian:debian_linux:chromium-l10n", "p-cpe:/a:debian:debian_linux:chromium-sandbox", "p-cpe:/a:debian:debian_linux:chromium-shell", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5223.NASL", "href": "https://www.tenable.com/plugins/nessus/164648", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5223. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164648);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/04\");\n\n script_cve_id(\n \"CVE-2022-3038\",\n \"CVE-2022-3039\",\n \"CVE-2022-3040\",\n \"CVE-2022-3041\",\n \"CVE-2022-3042\",\n \"CVE-2022-3043\",\n \"CVE-2022-3044\",\n \"CVE-2022-3045\",\n \"CVE-2022-3046\",\n \"CVE-2022-3047\",\n \"CVE-2022-3048\",\n \"CVE-2022-3049\",\n \"CVE-2022-3050\",\n \"CVE-2022-3051\",\n \"CVE-2022-3052\",\n \"CVE-2022-3053\",\n \"CVE-2022-3054\",\n \"CVE-2022-3055\",\n \"CVE-2022-3056\",\n \"CVE-2022-3057\",\n \"CVE-2022-3058\",\n \"CVE-2022-3071\"\n );\n\n script_name(english:\"Debian DSA-5223-1 : chromium - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5223 advisory.\n\n - Use after free in Network Service. (CVE-2022-3038)\n\n - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout. (CVE-2022-3040)\n\n - Use after free in PhoneHub. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation. (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8. (CVE-2022-3045)\n\n - Use after free in Browser Tag. (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048)\n\n - Use after free in SplitScreen. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools. (CVE-2022-3054)\n\n - Use after free in Passwords. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow. (CVE-2022-3058)\n\n - Use after free in Tab Strip. (CVE-2022-3071)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987292\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/chromium\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3038\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3039\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3041\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3043\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3044\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3049\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3050\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3071\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/chromium\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 105.0.5195.52-1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3071\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-sandbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"false\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'chromium', 'reference': '105.0.5195.52-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-common', 'reference': '105.0.5195.52-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-driver', 'reference': '105.0.5195.52-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-l10n', 'reference': '105.0.5195.52-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-sandbox', 'reference': '105.0.5195.52-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-shell', 'reference': '105.0.5195.52-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium / chromium-common / chromium-driver / chromium-l10n / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:28:38", "description": "The version of Google Chrome installed on the remote Windows host is prior to 105.0.5195.52. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_08_stable-channel-update-for-desktop_30 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-30T00:00:00", "type": "nessus", "title": "Google Chrome < 105.0.5195.52 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071"], "modified": "2022-10-04T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_105_0_5195_52.NASL", "href": "https://www.tenable.com/plugins/nessus/164508", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164508);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/04\");\n\n script_cve_id(\n \"CVE-2022-3038\",\n \"CVE-2022-3039\",\n \"CVE-2022-3040\",\n \"CVE-2022-3041\",\n \"CVE-2022-3042\",\n \"CVE-2022-3043\",\n \"CVE-2022-3044\",\n \"CVE-2022-3045\",\n \"CVE-2022-3046\",\n \"CVE-2022-3047\",\n \"CVE-2022-3048\",\n \"CVE-2022-3049\",\n \"CVE-2022-3050\",\n \"CVE-2022-3051\",\n \"CVE-2022-3052\",\n \"CVE-2022-3053\",\n \"CVE-2022-3054\",\n \"CVE-2022-3055\",\n \"CVE-2022-3056\",\n \"CVE-2022-3057\",\n \"CVE-2022-3058\",\n \"CVE-2022-3071\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0346-S\");\n\n script_name(english:\"Google Chrome < 105.0.5195.52 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 105.0.5195.52. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2022_08_stable-channel-update-for-desktop_30 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?613dc709\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1340253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1343348\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1341539\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1345947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1338553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1336979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1051198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1339648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1346245\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1342586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1303308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1316892\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1337132\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1345245\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1346154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1290236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1351969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1329460\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1336904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1337676\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 105.0.5195.52 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3058\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3071\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'105.0.5195.52', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:30:39", "description": "The remote host is affected by the vulnerability described in GLSA-202209-23 (Chromium, Google Chrome, Microsoft Edge:\nMultiple Vulnerabilities)\n\n - Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3038)\n\n - Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3040)\n\n - Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3045)\n\n - Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.\n (CVE-2022-3048)\n\n - Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3054)\n\n - Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to bypass content security policy via a crafted HTML page. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. (CVE-2022-3058)\n\n - Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. (CVE-2022-3071)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2022-3075)\n\n - Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (CVE-2022-3195)\n\n - Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (CVE-2022-3196, CVE-2022-3197, CVE-2022-3198)\n\n - Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3199)\n\n - Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3200)\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (CVE-2022-3201)\n\n - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. (CVE-2022-38012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-09-29T00:00:00", "type": "nessus", "title": "GLSA-202209-23 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071", "CVE-2022-3075", "CVE-2022-3195", "CVE-2022-3196", "CVE-2022-3197", "CVE-2022-3198", "CVE-2022-3199", "CVE-2022-3200", "CVE-2022-3201", "CVE-2022-38012"], "modified": "2022-11-21T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:chromium", "p-cpe:/a:gentoo:linux:chromium-bin", "p-cpe:/a:gentoo:linux:google-chrome", "p-cpe:/a:gentoo:linux:microsoft-edge", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202209-23.NASL", "href": "https://www.tenable.com/plugins/nessus/165535", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202209-23.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165535);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\n \"CVE-2022-3038\",\n \"CVE-2022-3039\",\n \"CVE-2022-3040\",\n \"CVE-2022-3041\",\n \"CVE-2022-3042\",\n \"CVE-2022-3043\",\n \"CVE-2022-3044\",\n \"CVE-2022-3045\",\n \"CVE-2022-3046\",\n \"CVE-2022-3047\",\n \"CVE-2022-3048\",\n \"CVE-2022-3049\",\n \"CVE-2022-3050\",\n \"CVE-2022-3051\",\n \"CVE-2022-3052\",\n \"CVE-2022-3053\",\n \"CVE-2022-3054\",\n \"CVE-2022-3055\",\n \"CVE-2022-3056\",\n \"CVE-2022-3057\",\n \"CVE-2022-3058\",\n \"CVE-2022-3071\",\n \"CVE-2022-3075\",\n \"CVE-2022-3195\",\n \"CVE-2022-3196\",\n \"CVE-2022-3197\",\n \"CVE-2022-3198\",\n \"CVE-2022-3199\",\n \"CVE-2022-3200\",\n \"CVE-2022-3201\",\n \"CVE-2022-38012\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/09/29\");\n script_xref(name:\"IAVA\", value:\"2022-A-0388-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0394-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0396-S\");\n\n script_name(english:\"GLSA-202209-23 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202209-23 (Chromium, Google Chrome, Microsoft Edge:\nMultiple Vulnerabilities)\n\n - Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3038)\n\n - Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-3039, CVE-2022-3041)\n\n - Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-3040)\n\n - Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker\n to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3042)\n\n - Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a\n remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-3043)\n\n - Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a remote\n attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2022-3044)\n\n - Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3045)\n\n - Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-3046)\n\n - Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an\n attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted\n HTML page. (CVE-2022-3047)\n\n - Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52\n allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.\n (CVE-2022-3048)\n\n - Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a\n remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-3049)\n\n - Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote\n attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption\n via crafted UI interactions. (CVE-2022-3050)\n\n - Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a\n remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap\n corruption via crafted UI interactions. (CVE-2022-3051)\n\n - Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52\n allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially\n exploit heap corruption via crafted UI interactions. (CVE-2022-3052)\n\n - Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a\n remote attacker to restrict user navigation via a crafted HTML page. (CVE-2022-3053)\n\n - Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3054)\n\n - Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who\n convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a\n crafted HTML page. (CVE-2022-3055)\n\n - Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed\n a remote attacker to bypass content security policy via a crafted HTML page. (CVE-2022-3056)\n\n - Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-3057)\n\n - Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who\n convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted\n UI interaction. (CVE-2022-3058)\n\n - Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote\n attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption\n via crafted UI interaction. (CVE-2022-3071)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker\n who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2022-3075)\n\n - Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to\n perform an out of bounds memory write via a crafted HTML page. (CVE-2022-3195)\n\n - Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially\n exploit heap corruption via a crafted PDF file. (CVE-2022-3196, CVE-2022-3197, CVE-2022-3198)\n\n - Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-3199)\n\n - Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-3200)\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to\n 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass\n navigation restrictions via a crafted HTML page. (CVE-2022-3201)\n\n - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. (CVE-2022-38012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202209-23\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=868156\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=868354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=870142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=872407\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/chromium-105.0.5195.125\n \nAll Chromium binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/chromium-bin-105.0.5195.125\n \nAll Google Chrome users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/google-chrome-105.0.5195.125\n \nAll Microsoft Edge users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/microsoft-edge-105.0.1343.42\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3199\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3200\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:google-chrome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:microsoft-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : \"www-client/chromium\",\n 'unaffected' : make_list(\"ge 105.0.5195.125\", \"lt 105.0.0\"),\n 'vulnerable' : make_list(\"lt 105.0.5195.125\")\n },\n {\n 'name' : \"www-client/chromium-bin\",\n 'unaffected' : make_list(\"ge 105.0.5195.125\", \"lt 105.0.0\"),\n 'vulnerable' : make_list(\"lt 105.0.5195.125\")\n },\n {\n 'name' : \"www-client/google-chrome\",\n 'unaffected' : make_list(\"ge 105.0.5195.125\", \"lt 105.0.0\"),\n 'vulnerable' : make_list(\"lt 105.0.5195.125\")\n },\n {\n 'name' : \"www-client/microsoft-edge\",\n 'unaffected' : make_list(\"ge 105.0.1343.42\", \"lt 105.0.0\"),\n 'vulnerable' : make_list(\"lt 105.0.1343.42\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n# This plugin has a different number of unaffected and vulnerable versions for\n# one or more packages. To ensure proper detection, a separate line should be \n# used for each fixed/vulnerable version pair.\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / Google Chrome / Microsoft Edge\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:33:20", "description": "The Microsoft Dynamics 365 (on-premises) is missing a security update. It is, therefore, affected by the following vulnerabilities:\n\n - A remote code execution vulnerability. An attacker can exploit this to execute unauthorized arbitrary commands in the context of the db_owner. (CVE-2022-34700, CVE-2022-35085)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-14T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft Dynamics 365 (on-premises) (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-34700", "CVE-2022-35085", "CVE-2022-35805"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:microsoft:dynamics_365"], "id": "SMB_NT_MS22_SEP_MICROSOFT_DYNAMICS.NASL", "href": "https://www.tenable.com/plugins/nessus/165072", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165072);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2022-34700\", \"CVE-2022-35805\");\n script_xref(name:\"MSKB\", value:\"5017226\");\n script_xref(name:\"MSKB\", value:\"5017524\");\n script_xref(name:\"MSFT\", value:\"MS22-5017226\");\n script_xref(name:\"MSFT\", value:\"MS22-5017524\");\n script_xref(name:\"IAVA\", value:\"2022-A-0377\");\n\n script_name(english:\"Security Updates for Microsoft Dynamics 365 (on-premises) (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Dynamics 365 (on-premises) is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Dynamics 365 (on-premises) is missing a security update. It is, therefore, affected by the following\nvulnerabilities:\n\n - A remote code execution vulnerability. An attacker can exploit this to execute unauthorized arbitrary\n commands in the context of the db_owner. (CVE-2022-34700, CVE-2022-35085)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://support.microsoft.com/en-gb/topic/service-update-1-12-for-microsoft-dynamics-crm-on-premises-9-1-8d9a5138-241d-4a90-832e-826cc1015326\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3f252a50\");\n # https://support.microsoft.com/en-gb/topic/service-update-0-40-for-microsoft-dynamics-crm-on-premises-9-0-8c3976f4-b756-4282-a0a2-d77d2ed40466\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0cba5f67\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue:\n -KB5017226\n -KB5017524\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:dynamics_365\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_dynamics_365_detect.nbin\");\n script_require_keys(\"installed_sw/Microsoft Dynamics 365 Server\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app = 'Microsoft Dynamics 365 Server';\nvar app_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nvar constraints = [\n { 'min_version' : '9.0', 'fixed_version' : '9.0.40.5', 'fixed_display' : 'Update v9.0 (on-premises) Update 0.40' },\n { 'min_version' : '9.1', 'fixed_version' : '9.1.12.17', 'fixed_display' : 'Update v9.1 (on-premises) Update 1.12' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:31:25", "description": "The Microsoft Visio Products are missing a security update. It is, therefore, affected by the following vulnerabilities:\n\n - Remote code execution vulnerabilities. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-27963, CVE-2022-38010)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft Visio Products C2R (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-27963", "CVE-2022-37963", "CVE-2022-38010"], "modified": "2022-12-14T00:00:00", "cpe": ["cpe:/a:microsoft:visio"], "id": "SMB_NT_MS22_SEP_VISIO_C2R.NASL", "href": "https://www.tenable.com/plugins/nessus/165174", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165174);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/14\");\n\n script_cve_id(\"CVE-2022-37963\", \"CVE-2022-38010\");\n script_xref(name:\"IAVA\", value:\"2022-A-0372-S\");\n\n script_name(english:\"Security Updates for Microsoft Visio Products C2R (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Visio Products are missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Visio Products are missing a security update. It is, therefore, affected by the following\nvulnerabilities:\n\n - Remote code execution vulnerabilities. An attacker can exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2022-27963, CVE-2022-38010)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates#september-13-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4b4423e2\");\n # https://docs.microsoft.com/en-us/officeupdates/update-history-microsoft365-apps-by-date\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fd4508ff\");\n script_set_attribute(attribute:\"solution\", value:\n\"For Office 365, Office 2016 C2R, or Office 2019, ensure automatic updates are enabled or open any office app and\nmanually perform an update.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38010\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:visio\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"office_installed.nasl\", \"microsoft_visio_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_office.inc');\n\nvar bulletin = 'MS22-09';\n\nvar constraints = [\n {'fixed_version':'16.0.15601.20148','channel':'2016 Retail'},\n {'fixed_version':'16.0.15601.20148','channel':'Current'},\n {'fixed_version':'16.0.15427.20284','channel':'Enterprise Deferred','channel_version':'2207'},\n {'fixed_version':'16.0.15225.20422','channel':'Enterprise Deferred'},\n {'fixed_version':'16.0.15601.20148','channel':'First Release for Deferred'},\n {'fixed_version':'16.0.14931.20724','channel':'Deferred','channel_version':'2202'},\n {'fixed_version':'16.0.14326.21142','channel':'Deferred'},\n {'fixed_version':'16.0.12527.22215','channel':'Microsoft 365 Apps on Windows 7'},\n {'fixed_version':'16.0.15601.20148','channel':'2021 Retail'},\n {'fixed_version':'16.0.15601.20148','channel':'2019 Retail'},\n {'fixed_version':'16.0.14332.20375','channel':'LTSC 2021'},\n {'fixed_version':'16.0.10390.20024','channel':'2019 Volume'}\n];\n\nvcf::microsoft::office_product::check_version_and_report(\n constraints:constraints,\n severity:SECURITY_HOLE,\n bulletin:bulletin,\n subproduct:'Visio'\n);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:31:13", "description": "The Windows 'AV1 Video Extension' app installed on the remote host is affected by remote code execution vulnerability.\nAn attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "Microsoft Windows AV1 Video Extensions RCE (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38019"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEPT_AV1.NASL", "href": "https://www.tenable.com/plugins/nessus/165003", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165003);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2022-38019\");\n\n script_name(english:\"Microsoft Windows AV1 Video Extensions RCE (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Windows app installed on the remote host is affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows 'AV1 Video Extension' app installed on the remote host is affected by remote code execution vulnerability.\nAn attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38019\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to app version 1.1.51091.0 or later via the Microsoft Store.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38019\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"wmi_enum_windows_app_store.nbin\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"WMI/Windows App Store/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar apps = ['Microsoft.AV1VideoExtension'];\n\nvar app_info = vcf::microsoft_appstore::get_app_info(app_list:apps);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n { 'fixed_version' : '1.1.51091.0' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:31:29", "description": "The Microsoft Office Products are missing security updates. They are, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft Office Products (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-37962"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:microsoft:office"], "id": "SMB_NT_MS22_SEP_OFFICE.NASL", "href": "https://www.tenable.com/plugins/nessus/164993", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164993);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2022-37962\");\n script_xref(name:\"MSKB\", value:\"5002178\");\n script_xref(name:\"MSKB\", value:\"5002166\");\n script_xref(name:\"MSFT\", value:\"MS22-5002178\");\n script_xref(name:\"MSFT\", value:\"MS22-5002166\");\n script_xref(name:\"IAVA\", value:\"2022-A-0372-S\");\n\n script_name(english:\"Security Updates for Microsoft Office Products (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Office Products are affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Office Products are missing security updates. They are, therefore, affected by a remote code execution\nvulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002166\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB5002178\n -KB5002166\n\nFor Office 365, Office 2016 C2R, or Office 2019, ensure automatic\nupdates are enabled or open any office app and manually perform an\nupdate.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-37962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"office_installed.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_office.inc');\n\nvar bulletin = 'MS22-09';\nvar kbs = make_list(\n '5002166',\n '5002178'\n);\nvar severity = SECURITY_HOLE;\n\nvar app_info = vcf::microsoft::office::get_app_info(app:'Microsoft Office', kbs:kbs, bulletin:bulletin, severity:severity);\n\nvar constraints = [\n {'product' : 'Microsoft Office 2013 SP1', 'kb':'5002166', 'file':'mso.dll', 'fixed_version': '15.0.5485.1000'},\n {'product' : 'Microsoft Office 2016', 'kb':'5002178', 'file':'mso.dll', 'fixed_version': '16.0.5361.1000'}\n];\n\nvcf::microsoft::office::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:severity,\n bulletin:bulletin,\n subproduct:'Office'\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:30:42", "description": "The Microsoft PowerPoint Products are missing a security update. It is, therefore, affected by the following vulnerability:\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-37962)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft PowerPoint Products (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-37962"], "modified": "2022-12-14T00:00:00", "cpe": ["cpe:/a:microsoft:powerpoint"], "id": "SMB_NT_MS22_SEP_POWERPOINT_C2R.NASL", "href": "https://www.tenable.com/plugins/nessus/165175", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165175);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/14\");\n\n script_cve_id(\"CVE-2022-37962\");\n script_xref(name:\"IAVA\", value:\"2022-A-0372-S\");\n\n script_name(english:\"Security Updates for Microsoft PowerPoint Products (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft PowerPoint Products are missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft PowerPoint Products are missing a security update. It is, therefore, affected by the following\nvulnerability:\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2022-37962)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates#september-13-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4b4423e2\");\n # https://docs.microsoft.com/en-us/officeupdates/update-history-microsoft365-apps-by-date\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fd4508ff\");\n script_set_attribute(attribute:\"solution\", value:\n\"For Office 365, Office 2016 C2R, or Office 2019, ensure automatic updates are enabled or open any office app and\nmanually perform an update.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-37962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:powerpoint\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"office_installed.nasl\", \"microsoft_office_compatibility_pack_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_office.inc');\n\nvar bulletin = 'MS22-09';\n\nvar constraints = [\n {'fixed_version':'16.0.15601.20148','channel':'2016 Retail'},\n {'fixed_version':'16.0.15601.20148','channel':'Current'},\n {'fixed_version':'16.0.15427.20284','channel':'Enterprise Deferred','channel_version':'2207'},\n {'fixed_version':'16.0.15225.20422','channel':'Enterprise Deferred'},\n {'fixed_version':'16.0.15601.20148','channel':'First Release for Deferred'},\n {'fixed_version':'16.0.14931.20724','channel':'Deferred','channel_version':'2202'},\n {'fixed_version':'16.0.14326.21142','channel':'Deferred'},\n {'fixed_version':'16.0.12527.22215','channel':'Microsoft 365 Apps on Windows 7'},\n {'fixed_version':'16.0.15601.20148','channel':'2021 Retail'},\n {'fixed_version':'16.0.15601.20148','channel':'2019 Retail'},\n {'fixed_version':'16.0.14332.20375','channel':'LTSC 2021'},\n {'fixed_version':'16.0.10390.20024','channel':'2019 Volume'}\n];\n\nvcf::microsoft::office_product::check_version_and_report(\n constraints:constraints,\n severity:SECURITY_HOLE,\n bulletin:bulletin,\n subproduct:'PowerPoint'\n);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:30:46", "description": "The Microsoft Office product installed on the remote host is missing a security update. It is, therefore, affected by a remote code execution vulnerability.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft Office Products (Sept 2022) (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-37962"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:microsoft:office"], "id": "MACOS_MS22_SEP_OFFICE.NASL", "href": "https://www.tenable.com/plugins/nessus/165173", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc. \n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165173);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2022-37962\");\n script_xref(name:\"IAVA\", value:\"2022-A-0372-S\");\n\n script_name(english:\"Security Updates for Microsoft Office Products (Sept 2022) (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Office product installed on the remote host is affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Office product installed on the remote host is missing a security update. It is, therefore, affected by\na remote code execution vulnerability.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/officeupdates/update-history-office-for-mac\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43ed1b90\");\n # https://docs.microsoft.com/en-us/officeupdates/release-notes-office-for-mac#september-13-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8587ce21\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Microsoft Office for Mac.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-37962\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_office_installed.nbin\");\n script_require_keys(\"Host/MacOSX/Version\");\n script_require_ports(\"installed_sw/Microsoft Outlook\", \"installed_sw/Microsoft Excel\", \"installed_sw/Microsoft Word\", \"installed_sw/Microsoft PowerPoint\", \"installed_sw/Microsoft OneNote\");\n\n exit(0);\n}\n\ninclude('vcf_extras_office.inc');\n\nvar apps = make_list('Microsoft Outlook', 'Microsoft Excel', 'Microsoft Word',\n 'Microsoft PowerPoint','Microsoft OneNote');\n\nvar app_info = vcf::microsoft::office_for_mac::get_app_info(apps:apps);\n\nvar constraints = [\n {'min_version':'16.17.0', 'fixed_version':'16.65', 'fixed_display':'16.65 (22091101)'}\n];\n\nvcf::microsoft::office_for_mac::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n os_min_lvl:'10.15.0'\n);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:30:56", "description": "The version of Microsoft Visual Studio Code installed on the remote host is prior to 1.17.1 It is, therefore, affected by privilege escalation vulnerability. An authenticated, local attacker can exploit this to escalate their privileges of an affected system to that of another user of Visual Studio Code.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-14T00:00:00", "type": "nessus", "title": "Security Update for Microsoft Visual Studio Code (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38020"], "modified": "2022-12-30T00:00:00", "cpe": ["cpe:/a:microsoft:visual_studio_code"], "id": "MICROSOFT_VISUAL_STUDIO_CODE_1_71_1.NASL", "href": "https://www.tenable.com/plugins/nessus/165085", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165085);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/30\");\n\n script_cve_id(\"CVE-2022-38020\");\n script_xref(name:\"IAVA\", value:\"2022-A-0375-S\");\n\n script_name(english:\"Security Update for Microsoft Visual Studio Code (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application installed that is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Visual Studio Code installed on the remote host is prior to 1.17.1 It is, therefore,\naffected by privilege escalation vulnerability. An authenticated, local attacker can exploit this to escalate their\nprivileges of an affected system to that of another user of Visual Studio Code.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported\nversion\");\n script_set_attribute(attribute:\"see_also\", value:\"https://code.visualstudio.com/updates/v1_71\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38020\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Visual Studio Code 1.71.1 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38020\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:visual_studio_code\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"os_fingerprint.nasl\", \"microsoft_visual_studio_code_installed.nbin\", \"microsoft_visual_studio_code_win_user_installed.nbin\", \"microsoft_visual_studio_code_linux_installed.nbin\", \"macosx_microsoft_visual_studio_code_installed.nbin\");\n script_require_ports(\"installed_sw/Microsoft Visual Studio Code\", \"installed_sw/Visual Studio Code\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar os = get_kb_item_or_exit('Host/OS');\nvar app_info;\n\nif (tolower(os) =~ 'windows')\n{\n get_kb_item_or_exit('SMB/Registry/Enumerated');\n app_info = vcf::get_app_info(app:'Microsoft Visual Studio Code', win_local:TRUE);\n}\nelse if (tolower(os) =~ 'linux|mac os')\n{\n get_kb_item_or_exit('Host/local_checks_enabled');\n app_info = vcf::get_app_info(app:'Visual Studio Code');\n}\nelse\n{\n audit(AUDIT_OS_NOT,'affected');\n}\n\nvar constraints = [\n { 'fixed_version' : '1.71.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:33:16", "description": "The Windows 'Raw Image Extensions' app installed on the remote host is affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "Microsoft Windows Raw Image Extensions Library RCE (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38011"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_SEPT_RAW_IMAGE.NASL", "href": "https://www.tenable.com/plugins/nessus/164995", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164995);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2022-38011\");\n\n script_name(english:\"Microsoft Windows Raw Image Extensions Library RCE (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Windows app installed on the remote host is affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows 'Raw Image Extensions' app installed on the remote host is affected by a remote code execution\nvulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38011\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to app version 2.0.32061.0 or later via the Microsoft Store.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38011\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"wmi_enum_windows_app_store.nbin\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"WMI/Windows App Store/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar apps = ['Microsoft.RawImageExtension'];\n\nvar app_info = vcf::microsoft_appstore::get_app_info(app_list:apps);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n { 'fixed_version' : '2.0.32061.0'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:31:29", "description": "The Microsoft Visio Products are missing a security update.\n It is, therefore, affected by the following vulnerability:\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-38010)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft Visio Products (September 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38010"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:microsoft:visio"], "id": "SMB_NT_MS22_SEP_VISIO.NASL", "href": "https://www.tenable.com/plugins/nessus/165001", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165001);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2022-38010\");\n script_xref(name:\"MSKB\", value:\"5002017\");\n script_xref(name:\"MSKB\", value:\"5002016\");\n script_xref(name:\"MSFT\", value:\"MS22-5002017\");\n script_xref(name:\"MSFT\", value:\"MS22-5002016\");\n script_xref(name:\"IAVA\", value:\"2022-A-0372-S\");\n\n script_name(english:\"Security Updates for Microsoft Visio Products (September 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Visio Products are missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Visio Products are missing a security update.\n It is, therefore, affected by the following vulnerability:\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2022-38010)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002016\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB5002017\n -KB5002016\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38010\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:visio\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"office_installed.nasl\", \"microsoft_visio_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_office.inc');\n\nvar bulletin = 'MS22-09';\nvar kbs = make_list(\n '5002017', # Visio 2013\n '5002016' # Visio 2016\n);\nvar severity = SECURITY_HOLE;\n\nvar constraints = [\n { 'kb':'5002017', 'fixed_version': '15.0.5481.1000', 'sp' : 1},\n { 'kb':'5002016', 'channel':'MSI', 'fixed_version': '16.0.5361.1002', 'sp' : 0}\n];\n\nvcf::microsoft::office_product::check_version_and_report(\n kbs:kbs,\n constraints:constraints,\n severity:severity,\n bulletin:bulletin,\n subproduct:'Visio'\n);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2022-09-16T12:36:02", "description": "### *Detect date*:\n09/13/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-35840](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35840>) \n[CVE-2022-38004](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38004>) \n[CVE-2022-34727](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34727>) \n[CVE-2022-37969](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969>) \n[CVE-2022-30170](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30170>) \n[CVE-2022-34724](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34724>) \n[CVE-2022-33647](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33647>) \n[CVE-2022-34732](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34732>) \n[CVE-2022-35830](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35830>) \n[CVE-2022-34726](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34726>) \n[CVE-2022-34718](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718>) \n[CVE-2022-34721](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721>) \n[CVE-2022-37955](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37955>) \n[CVE-2022-34731](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34731>) \n[CVE-2022-35803](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35803>) \n[CVE-2022-30200](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30200>) \n[CVE-2022-34730](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34730>) \n[CVE-2022-34729](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34729>) \n[CVE-2022-38006](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38006>) \n[CVE-2022-38005](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38005>) \n[CVE-2022-37964](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37964>) \n[CVE-2022-37956](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37956>) \n[CVE-2022-34733](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34733>) \n[CVE-2022-35836](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35836>) \n[CVE-2022-35833](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35833>) \n[CVE-2022-35832](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35832>) \n[CVE-2022-37958](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37958>) \n[CVE-2022-35835](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35835>) \n[CVE-2022-33679](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33679>) \n[CVE-2022-34734](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34734>) \n[CVE-2022-34728](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34728>) \n[CVE-2022-34720](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34720>) \n[CVE-2022-34719](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34719>) \n[CVE-2022-34722](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722>) \n[CVE-2022-35837](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35837>) \n[CVE-2022-35834](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35834>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2022-35840](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35840>)5.0Critical \n[CVE-2022-38004](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38004>)5.0Critical \n[CVE-2022-34727](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34727>)5.0Critical \n[CVE-2022-37969](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37969>)5.0Critical \n[CVE-2022-30170](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30170>)5.0Critical \n[CVE-2022-34724](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34724>)5.0Critical \n[CVE-2022-33647](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33647>)5.0Critical \n[CVE-2022-34732](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34732>)5.0Critical \n[CVE-2022-35830](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35830>)5.0Critical \n[CVE-2022-34726](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34726>)5.0Critical \n[CVE-2022-34718](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34718>)5.0Critical \n[CVE-2022-34721](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34721>)5.0Critical \n[CVE-2022-37955](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37955>)5.0Critical \n[CVE-2022-34731](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34731>)5.0Critical \n[CVE-2022-35803](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35803>)5.0Critical \n[CVE-2022-30200](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30200>)5.0Critical \n[CVE-2022-34730](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34730>)5.0Critical \n[CVE-2022-34729](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34729>)5.0Critical \n[CVE-2022-38006](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38006>)5.0Critical \n[CVE-2022-38005](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38005>)5.0Critical \n[CVE-2022-37956](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37956>)5.0Critical \n[CVE-2022-34733](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34733>)5.0Critical \n[CVE-2022-35836](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35836>)5.0Critical \n[CVE-2022-35833](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35833>)5.0Critical \n[CVE-2022-35832](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35832>)5.0Critical \n[CVE-2022-37958](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37958>)5.0Critical \n[CVE-2022-35835](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35835>)5.0Critical \n[CVE-2022-33679](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33679>)5.0Critical \n[CVE-2022-34734](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34734>)5.0Critical \n[CVE-2022-34728](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34728>)5.0Critical \n[CVE-2022-34720](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34720>)5.0Critical \n[CVE-2022-34719](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34719>)5.0Critical \n[CVE-2022-34722](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34722>)5.0Critical \n[CVE-2022-35837](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35837>)5.0Critical \n[CVE-2022-35834](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35834>)5.0Critical \n[CVE-2022-37964](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37964>)5.0Critical\n\n### *KB list*:\n[5017361](<http://support.microsoft.com/kb/5017361>) \n[5017373](<http://support.microsoft.com/kb/5017373>) \n[5017371](<http://support.microsoft.com/kb/5017371>) \n[5017358](<http://support.microsoft.com/kb/5017358>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "kaspersky", "title": "KLA19249 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-30170", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34724", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35830", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35840", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37958", "CVE-2022-37964", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006"], "modified": "2022-09-15T00:00:00", "id": "KLA19249", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19249/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-16T12:36:08", "description": "### *Detect date*:\n09/13/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows Server 2016 (Server Core installation) \nWindows 10 for 32-bit Systems \nWindows Server 2012 (Server Core installation) \nWindows 11 for x64-based Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 for x64-based Systems \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server 2012 R2 \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 21H1 for x64-based Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows Server 2012 \nWindows Server 2019 (Server Core installation) \nRaw Image Extension \nWindows 10 Version 1607 for x64-based Systems \nWindows Server 2022 Azure Edition Core Hotpatch \nWindows 11 for ARM64-based Systems \nWindows Server 2022 \nAV1 Video Extension \nWindows Server 2012 R2 (Server Core installation) \nWindows RT 8.1 \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 21H2 for x64-based Systems \nWindows 8.1 for 32-bit systems \nWindows Server 2019 \nWindows Server 2022 (Server Core installation) \nWindows 10 Version 1809 for 32-bit Systems \nWindows 10 Version 21H2 for ARM64-based Systems \nWindows 10 Version 20H2 for x64-based Systems \nWindows 8.1 for x64-based systems \nWindows Server 2016 \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 21H2 for 32-bit Systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-35840](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35840>) \n[CVE-2022-38004](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38004>) \n[CVE-2022-34727](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34727>) \n[CVE-2022-37969](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969>) \n[CVE-2022-30170](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30170>) \n[CVE-2022-34724](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34724>) \n[CVE-2022-33647](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33647>) \n[CVE-2022-34732](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34732>) \n[CVE-2022-35830](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35830>) \n[CVE-2022-34726](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34726>) \n[CVE-2022-34718](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718>) \n[CVE-2022-34721](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721>) \n[CVE-2022-37957](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37957>) \n[CVE-2022-37955](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37955>) \n[CVE-2022-34731](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34731>) \n[CVE-2022-35803](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35803>) \n[CVE-2022-30200](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30200>) \n[CVE-2022-34730](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34730>) \n[CVE-2022-34729](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34729>) \n[CVE-2022-38006](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38006>) \n[CVE-2022-38005](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38005>) \n[CVE-2022-35831](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35831>) \n[CVE-2022-34723](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34723>) \n[CVE-2022-37959](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37959>) \n[CVE-2022-34725](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34725>) \n[CVE-2022-38011](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38011>) \n[CVE-2022-37956](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37956>) \n[CVE-2022-34733](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34733>) \n[CVE-2022-35836](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35836>) \n[CVE-2022-35833](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35833>) \n[CVE-2022-35832](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35832>) \n[CVE-2022-37958](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37958>) \n[CVE-2022-35835](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35835>) \n[CVE-2022-33679](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33679>) \n[CVE-2022-26928](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26928>) \n[CVE-2022-37954](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37954>) \n[CVE-2022-34734](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34734>) \n[CVE-2022-34728](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34728>) \n[CVE-2022-23960](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23960>) \n[CVE-2022-35841](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35841>) \n[CVE-2022-34720](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34720>) \n[CVE-2022-34719](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34719>) \n[CVE-2022-34722](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722>) \n[CVE-2022-35837](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35837>) \n[CVE-2022-38019](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38019>) \n[CVE-2022-30196](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30196>) \n[CVE-2022-35838](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35838>) \n[CVE-2022-35834](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35834>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2022-35840](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35840>)5.0Critical \n[CVE-2022-38004](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38004>)5.0Critical \n[CVE-2022-34727](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34727>)5.0Critical \n[CVE-2022-37969](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37969>)5.0Critical \n[CVE-2022-30170](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30170>)5.0Critical \n[CVE-2022-34724](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34724>)5.0Critical \n[CVE-2022-33647](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33647>)5.0Critical \n[CVE-2022-34732](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34732>)5.0Critical \n[CVE-2022-35830](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35830>)5.0Critical \n[CVE-2022-34726](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34726>)5.0Critical \n[CVE-2022-34718](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34718>)5.0Critical \n[CVE-2022-34721](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34721>)5.0Critical \n[CVE-2022-37957](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37957>)5.0Critical \n[CVE-2022-37955](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37955>)5.0Critical \n[CVE-2022-34731](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34731>)5.0Critical \n[CVE-2022-35803](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35803>)5.0Critical \n[CVE-2022-30200](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30200>)5.0Critical \n[CVE-2022-34730](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34730>)5.0Critical \n[CVE-2022-34729](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34729>)5.0Critical \n[CVE-2022-38006](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38006>)5.0Critical \n[CVE-2022-38005](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38005>)5.0Critical \n[CVE-2022-35831](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35831>)5.0Critical \n[CVE-2022-34723](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34723>)5.0Critical \n[CVE-2022-37959](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37959>)5.0Critical \n[CVE-2022-34725](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34725>)5.0Critical \n[CVE-2022-38011](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38011>)5.0Critical \n[CVE-2022-37956](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37956>)5.0Critical \n[CVE-2022-34733](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34733>)5.0Critical \n[CVE-2022-35836](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35836>)5.0Critical \n[CVE-2022-35833](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35833>)5.0Critical \n[CVE-2022-35832](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35832>)5.0Critical \n[CVE-2022-37958](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37958>)5.0Critical \n[CVE-2022-35835](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35835>)5.0Critical \n[CVE-2022-33679](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33679>)5.0Critical \n[CVE-2022-26928](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26928>)5.0Critical \n[CVE-2022-37954](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37954>)5.0Critical \n[CVE-2022-34734](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34734>)5.0Critical \n[CVE-2022-34728](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34728>)5.0Critical \n[CVE-2022-23960](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960>)1.9Warning \n[CVE-2022-35841](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35841>)5.0Critical \n[CVE-2022-34720](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34720>)5.0Critical \n[CVE-2022-34719](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34719>)5.0Critical \n[CVE-2022-34722](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34722>)5.0Critical \n[CVE-2022-35837](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35837>)5.0Critical \n[CVE-2022-38019](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38019>)5.0Critical \n[CVE-2022-30196](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30196>)5.0Critical \n[CVE-2022-35838](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35838>)5.0Critical \n[CVE-2022-35834](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35834>)5.0Critical\n\n### *KB list*:\n[5017392](<http://support.microsoft.com/kb/5017392>) \n[5017377](<http://support.microsoft.com/kb/5017377>) \n[5017316](<http://support.microsoft.com/kb/5017316>) \n[5017327](<http://support.microsoft.com/kb/5017327>) \n[5017365](<http://support.microsoft.com/kb/5017365>) \n[5017367](<http://support.microsoft.com/kb/5017367>) \n[5017315](<http://support.microsoft.com/kb/5017315>) \n[5017305](<http://support.microsoft.com/kb/5017305>) \n[5017328](<http://support.microsoft.com/kb/5017328>) \n[5017308](<http://support.microsoft.com/kb/5017308>) \n[5017370](<http://support.microsoft.com/kb/5017370>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "kaspersky", "title": "KLA19245 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23960", "CVE-2022-26928", "CVE-2022-30170", "CVE-2022-30196", "CVE-2022-30200", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34719", "CVE-2022-34720", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34723", "CVE-2022-34724", "CVE-2022-34725", "CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34728", "CVE-2022-34729", "CVE-2022-34730", "CVE-2022-34731", "CVE-2022-34732", "CVE-2022-34733", "CVE-2022-34734", "CVE-2022-35803", "CVE-2022-35830", "CVE-2022-35831", "CVE-2022-35832", "CVE-2022-35833", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35837", "CVE-2022-35838", "CVE-2022-35840", "CVE-2022-35841", "CVE-2022-37954", "CVE-2022-37955", "CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37958", "CVE-2022-37959", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38005", "CVE-2022-38006", "CVE-2022-38011", "CVE-2022-38019"], "modified": "2022-09-15T00:00:00", "id": "KLA19245", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19245/", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-27T05:41:38", "description": "### *Detect date*:\n09/01/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code.\n\n### *Affected products*:\nMicrosoft Edge (Chromium-based)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-3053](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3053>) \n[CVE-2022-3039](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3039>) \n[CVE-2022-3041](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3041>) \n[CVE-2022-38012](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38012>) \n[CVE-2022-3047](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3047>) \n[CVE-2022-3045](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3045>) \n[CVE-2022-3054](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3054>) \n[CVE-2022-3058](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3058>) \n[CVE-2022-3057](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3057>) \n[CVE-2022-3046](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3046>) \n[CVE-2022-3044](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3044>) \n[CVE-2022-3040](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3040>) \n[CVE-2022-3055](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3055>) \n[CVE-2022-3056](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3056>) \n[CVE-2022-3038](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3038>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Edge](<https://threats.kaspersky.com/en/product/Microsoft-Edge/>)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-01T00:00:00", "type": "kaspersky", "title": "KLA15734 Multiple vulnerabilities in Microsoft Browser", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-38012"], "modified": "2022-09-02T00:00:00", "id": "KLA15734", "href": "https://threats.kaspersky.com/en/vulnerability/KLA15734/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-16T12:36:00", "description": "### *Detect date*:\n09/13/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code.\n\n### *Affected products*:\nMicrosoft SharePoint Server 2019 \nMicrosoft Office LTSC 2021 for 64-bit editions \nMicrosoft Office 2019 for 32-bit editions \nMicrosoft SharePoint Enterprise Server 2016 \nMicrosoft Office 2013 RT Service Pack 1 \nMicrosoft SharePoint Server Subscription Edition \nMicrosoft Office 2019 for 64-bit editions \nMicrosoft Visio 2013 Service Pack 1 (64-bit editions) \nMicrosoft 365 Apps for Enterprise for 64-bit Systems \nMicrosoft Visio 2013 Service Pack 1 (32-bit editions) \nMicrosoft SharePoint Enterprise Server 2013 Service Pack 1 \nMicrosoft Office 2013 Service Pack 1 (64-bit editions) \nMicrosoft Office LTSC 2021 for 32-bit editions \nMicrosoft Office 2019 for Mac \nMicrosoft 365 Apps for Enterprise for 32-bit Systems \nMicrosoft Visio 2016 (64-bit edition) \nMicrosoft Office LTSC for Mac 2021 \nMicrosoft Office 2016 (32-bit edition) \nMicrosoft Office 2013 Service Pack 1 (32-bit editions) \nMicrosoft Visio 2016 (32-bit edition) \nMicrosoft Office 2016 (64-bit edition) \nSharePoint Server Subscription Edition Language Pack \nMicrosoft SharePoint Foundation 2013 Service Pack 1\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-37961](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37961>) \n[CVE-2022-37962](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37962>) \n[CVE-2022-38009](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38009>) \n[CVE-2022-38010](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010>) \n[CVE-2022-35823](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35823>) \n[CVE-2022-37963](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37963>) \n[CVE-2022-38008](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38008>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Office](<https://threats.kaspersky.com/en/product/Microsoft-Office/>)\n\n### *CVE-IDS*:\n[CVE-2022-37961](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37961>)5.0Critical \n[CVE-2022-37962](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37962>)5.0Critical \n[CVE-2022-38009](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38009>)5.0Critical \n[CVE-2022-38010](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38010>)5.0Critical \n[CVE-2022-35823](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35823>)5.0Critical \n[CVE-2022-37963](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37963>)5.0Critical \n[CVE-2022-38008](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38008>)5.0Critical\n\n### *KB list*:\n[5002016](<http://support.microsoft.com/kb/5002016>) \n[5002166](<http://support.microsoft.com/kb/5002166>) \n[5002017](<http://support.microsoft.com/kb/5002017>) \n[5002142](<http://support.microsoft.com/kb/5002142>) \n[5002269](<http://support.microsoft.com/kb/5002269>) \n[5002178](<http://support.microsoft.com/kb/5002178>) \n[5002257](<http://support.microsoft.com/kb/5002257>) \n[5002264](<http://support.microsoft.com/kb/5002264>) \n[5002258](<http://support.microsoft.com/kb/5002258>) \n[5002271](<http://support.microsoft.com/kb/5002271>) \n[5002267](<http://support.microsoft.com/kb/5002267>) \n[5002159](<http://support.microsoft.com/kb/5002159>) \n[5002270](<http://support.microsoft.com/kb/5002270>)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "kaspersky", "title": "KLA19250 Multiple vulnerabilities in Microsoft Office", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-35823", "CVE-2022-37961", "CVE-2022-37962", "CVE-2022-37963", "CVE-2022-38008", "CVE-2022-38009", "CVE-2022-38010"], "modified": "2022-09-15T00:00:00", "id": "KLA19250", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19250/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-19T16:03:37", "description": "### *Detect date*:\n09/13/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service.\n\n### *Affected products*:\nVisual Studio 2022 for Mac version 17.3 \nMicrosoft Visual Studio 2022 version 17.3 \nMicrosoft .NET Framework 3.5 AND 4.7.2 \nMicrosoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) \nMicrosoft .NET Framework 4.8 \nMicrosoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 \nMicrosoft .NET Framework 3.0 Service Pack 2 \nMicrosoft Visual Studio 2022 version 17.2 \nMicrosoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) \nMicrosoft .NET Framework 3.5 AND 4.8.1 \n.NET 6.0 \nMicrosoft .NET Framework 3.5 \nMicrosoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 \nMicrosoft .NET Framework 4.6 \n.NET Core 3.1 \nMicrosoft .NET Framework 4.8.1 \nVisual Studio Code \nMicrosoft .NET Framework 3.5 AND 4.8 \nMicrosoft Visual Studio 2022 version 17.0 \nMicrosoft .NET Framework 3.5.1 \nMicrosoft .NET Framework 2.0 Service Pack 2\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-38020](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38020>) \n[CVE-2022-26929](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26929>) \n[CVE-2022-38013](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>)\n\n### *KB list*:\n[5017327](<http://support.microsoft.com/kb/5017327>) \n[5017500](<http://support.microsoft.com/kb/5017500>) \n[5017497](<http://support.microsoft.com/kb/5017497>) \n[5017915](<http://support.microsoft.com/kb/5017915>) \n[5017903](<http://support.microsoft.com/kb/5017903>) \n[5017501](<http://support.microsoft.com/kb/5017501>) \n[5017499](<http://support.microsoft.com/kb/5017499>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "kaspersky", "title": "KLA19246 Multiple vulnerabilities in Microsoft Developer Tools", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-26929", "CVE-2022-38013", "CVE-2022-38020"], "modified": "2022-12-19T00:00:00", "id": "KLA19246", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19246/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-16T12:36:05", "description": "### *Detect date*:\n09/13/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to execute arbitrary code.\n\n### *Affected products*:\nMicrosoft Dynamics CRM (on-premises) 9.0 \nMicrosoft Dynamics CRM (on-premises) 9.1\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-34700](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34700>) \n[CVE-2022-35805](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35805>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Dynamics AX](<https://threats.kaspersky.com/en/product/Microsoft-Dynamics-AX/>)\n\n### *CVE-IDS*:\n[CVE-2022-34700](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34700>)5.0Critical \n[CVE-2022-35805](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35805>)5.0Critical\n\n### *KB list*:\n[5017524](<http://support.microsoft.com/kb/5017524>) \n[5017226](<http://support.microsoft.com/kb/5017226>)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "kaspersky", "title": "KLA19247 Multiple vulnerabilities in Microsoft Dynamics", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-34700", "CVE-2022-35805"], "modified": "2022-09-15T00:00:00", "id": "KLA19247", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19247/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-16T12:36:03", "description": "### *Detect date*:\n09/13/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nAn elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges.\n\n### *Affected products*:\nMicrosoft Defender for Endpoint for Mac\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-35828](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35828>) \n\n\n### *Impacts*:\nPE \n\n### *Related products*:\n[Windows Defender](<https://threats.kaspersky.com/en/product/Windows-Defender/>)\n\n### *CVE-IDS*:\n[CVE-2022-35828](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35828>)5.0Critical", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "kaspersky", "title": "KLA19248 PE vulnerability in Microsoft System Center", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-35828"], "modified": "2022-09-15T00:00:00", "id": "KLA19248", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19248/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-16T12:36:10", "description": "### *Detect date*:\n09/13/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nAn elevation of privilege vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to gain privileges.\n\n### *Affected products*:\nAzure ARC \nAzure Guest Configuration\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-38007](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38007>) \n\n\n### *Impacts*:\nPE \n\n### *Related products*:\n[Microsoft Azure](<https://threats.kaspersky.com/en/product/Microsoft-Azure/>)\n\n### *CVE-IDS*:\n[CVE-2022-38007](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38007>)5.0Critical", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T00:00:00", "type": "kaspersky", "title": "KLA19244 PE vulnerability in Microsoft Azure", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-38007"], "modified": "2022-09-15T00:00:00", "id": "KLA19244", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19244/", "cvss": {"score": 0.0, "vector": "NONE"}}], "talosblog": [{"lastseen": "2022-09-13T22:03:34", "description": "[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuO39qViCMNUgBL52lm6Fv2cO1TtchRuF5B5XrgdX8JNq21qnSgOoDKRj_Jw5YErgTODjyjUG_toBkvjBULrU-KqeAP39DYFZpdH-3cjSLiSIfqjtKpaCs8PGtoFT-BYkUrHb8-dagNtPzxKDhHijqCJEe1RhClOI0-B6axkA8WsLDMrmMM7In_4Ud/s16000/patch%20tuesday.jpg)](<https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuO39qViCMNUgBL52lm6Fv2cO1TtchRuF5B5XrgdX8JNq21qnSgOoDKRj_Jw5YErgTODjyjUG_toBkvjBULrU-KqeAP39DYFZpdH-3cjSLiSIfqjtKpaCs8PGtoFT-BYkUrHb8-dagNtPzxKDhHijqCJEe1RhClOI0-B6axkA8WsLDMrmMM7In_4Ud/s1001/patch%20tuesday.jpg>)\n\n_By Jon Munshaw and Asheer Malhotra. _\n\nMicrosoft released its monthly security update Tuesday, disclosing 64 vulnerabilities across the company\u2019s hardware and software line, a sharp decline from the [record number of issues](<https://blog.talosintelligence.com/2022/08/microsoft-patch-tuesday-for-august-2022.html>) Microsoft disclosed last month. \n\nSeptember's security update features five critical vulnerabilities, 10 fewer than were included in last month\u2019s Patch Tuesday. There are two moderate-severity vulnerabilities in this release and a low-security issue that\u2019s already been patched as a part of a recent Google Chromium update. The remainder is considered \u201cimportant.\u201d \n\nThe most serious vulnerability exists in several versions of Windows Server and Windows 10 that could allow an attacker to gain the ability to execute remote code (RCE) by sending a singular, specially crafted IPv6 packet to a Windows node where IPSec is enabled. [CVE-2022-34718](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718>) only affects instances that have IPSec enabled. This vulnerability has a severity score of 9.8 out of 10 and is considered \u201cmore likely\u201d to be exploited by Microsoft. \n\nMicrosoft disclosed one vulnerability that's being actively exploited in the wild \u2014 [CVE-2022-37969](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969>). Microsoft's advisory states this vulnerability is already circulating in the wild and could allow an attacker to gain SYSTEM-level privileges by exploiting the Windows Common Log File System Driver. The adversary must first have the access to the targeted system and then run specific code, though no user interaction is required. \n\n\n \n\n\n[CVE-2022-34721](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721>) and [CVE-2022-34722](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722>) also have severity scores of 9.8, though they are \u201cless likely\u201d to be exploited, according to Microsoft. These are remote code execution vulnerabilities in the Windows Internet Key Exchange protocol that could be triggered if an attacker sends a specially crafted IP packet.\n\nTwo other critical vulnerabilities, [CVE-2022-35805](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35805>) and [CVE-2022-34700](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34700>) exist in on-premises instances of Microsoft Dynamics 365. An authenticated attacker could exploit these vulnerabilities to run a specially crafted trusted solution package and execute arbitrary SQL commands. The attacker could escalate their privileges further and execute commands as the database owner. \n\nTalos would also like to highlight five important vulnerabilities that Microsoft considers to be \u201cmore likely\u201d to be exploited: \n\n * [CVE-2022-37957](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37957>) \u2014 Windows Kernel Elevation of Privilege Vulnerability \n * [CVE-2022-35803](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35803>) \u2014 Windows Common Log File System Driver Elevation of Privilege Vulnerability \n * [CVE-2022-37954](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37954>) \u2014 DirectX Graphics Kernel Elevation of Privilege Vulnerability \n * [CVE-2022-34725](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34725>) \u2014 Windows ALPC Elevation of Privilege Vulnerability \n * [CVE-2022-34729](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34729>) \u2014 Windows GDI Elevation of Privilege Vulnerability \n\nA complete list of all the vulnerabilities Microsoft disclosed this month is available on its update page. \n\nIn response to these vulnerability disclosures, Talos is releasing a new Snort rule set that detects attempts to exploit some of them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Cisco Secure Firewall customers should use the latest update to their ruleset by updating their SRU. Open-source Snort Subscriber Rule Set customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org. \n\nThe rules included in this release that protect against the exploitation of many of these vulnerabilities are 60546, 60547, 60549, 60550 and 60552 - 60554. We've also released Snort 3 rules 300266 - 300270.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T18:01:00", "type": "talosblog", "title": "Microsoft Patch Tuesday for September 2022 \u2014 Snort rules and prominent vulnerabilities", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-34700", "CVE-2022-34718", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34725", "CVE-2022-34729", "CVE-2022-35803", "CVE-2022-35805", "CVE-2022-37954", "CVE-2022-37957", "CVE-2022-37969"], "modified": "2022-09-13T18:24:22", "id": "TALOSBLOG:E99AAC7F44B9D1EA471CB0F2A592FA92", "href": "http://blog.talosintelligence.com/2022/09/microsoft-patch-tuesday-for-september.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "avleonov": [{"lastseen": "2022-09-24T00:03:21", "description": "Hello everyone! Let's take a look at Microsoft's September Patch Tuesday. This time it is quite compact. There were 63 CVEs released on Patch Tuesday day. If we add the vulnerabilities released between August and September Patch Tuesdays (as usual, they were in Microsoft Edge), the final number is 90. Much less than usual.\n\nAlternative video link (for Russia): <https://vk.com/video-149273431_456239101>\n \n \n $ cat comments_links.txt \n Qualys|September 2022 Patch Tuesday|https://blog.qualys.com/vulnerabilities-threat-research/2022/09/13/september-2022-patch-tuesday\n ZDI|THE SEPTEMBER 2022 SECURITY UPDATE REVIEW|https://www.zerodayinitiative.com/blog/2022/9/13/the-september-2022-security-update-review\n Kaspersky|Patches for 64 vulnerabilities in Microsoft products released|https://www.kaspersky.com/blog/microsoft-patch-tuesday-september-2022/45501/\n \n $ python3.8 vulristics.py --report-type \"ms_patch_tuesday_extended\" --mspt-year 2022 --mspt-month \"September\" --mspt-comments-links-path \"comments_links.txt\" --rewrite-flag \"True\"\n ...\n MS PT Year: 2022\n MS PT Month: September\n MS PT Date: 2022-09-13\n MS PT CVEs found: 63\n Ext MS PT Date from: 2022-08-10\n Ext MS PT Date to: 2022-09-12\n Ext MS PT CVEs found: 27\n ALL MS PT CVEs: 90\n ...\n\n * Urgent: 0\n * Critical: 1\n * High: 41\n * Medium: 44\n * Low: 4\n\n## Exploitable vulnerabilities\n\nThere are no vulnerabilities with public exploits yet. There are 3 vulnerabilities for which there is a Proof-of-Concept Exploit according to data from CVSS.\n\n 1. **Elevation of Privilege **- Kerberos (CVE-2022-33679). An unauthenticated attacker could perform a man-in-the-middle network exploit to downgrade a client's encryption to the RC4-md4 cypher, followed by cracking the user's cypher key. The attacker could then compromise the user's Kerberos session key to elevate privileges.\n 2. **Elevation of Privilege **- Azure Guest Configuration and Azure Arc-enabled servers (CVE-2022-38007). An attacker who successfully exploited the vulnerability could replace Microsoft-shipped code with their own code, which would then be run as root in the context of a Guest Configuration daemon. On an Azure VM with the Guest Configuration Linux Extension installed, this would run in the context of the GC Policy Agent daemon. On an Azure Arc-enabled server, it could run in the context of the GC Arc Service or Extension Service daemons. \n 3. **Elevation of Privilege** - Windows GDI (CVE-2022-34729). An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.\n\nBut the likelihood that these exploits will be used in real attacks seems low.\n\n## Exploitation in the wild\n\nThere are 3 vulnerabilities with a sign of exploitation in the wild:\n\n * **Elevation of Privilege** - Windows Common Log File System Driver (CVE-2022-37969). An attacker must already have access and the ability to run code on the target system. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. This vulnerability affects many versions of Windows, there are patches even for EOL versions. In addition to this vulnerability, there was a bunch of EoPs in Windows with no signs of exploitation in the wild, for example **Elevation of Privilege** - Windows Kernel (CVE-2022-37956, CVE-2022-37957, CVE-2022-37964)\n * **Security Feature Bypass** - Microsoft Edge (CVE-2022-2856, CVE-2022-3075). Edge vulnerabilities are actually Chromium vulnerabilities. This is the downside of using the same engine. Chrome vulnerabilities also affect Edge, Opera, Brave, Vivaldi, etc.\n\n## IP packet causes RCE\n\n**Remote Code Execution** - Windows TCP/IP (CVE-2022-34718). An unauthorized attacker can use it to execute arbitrary code on the attacked Windows computer with the IPSec service enabled by sending a specially crafted IPv6 packet to it. This vulnerability can only be exploited against systems with Internet Protocol Security (IPsec) enabled. IPsec and IPv6 are evil. ![\ud83d\ude42](https://s.w.org/images/core/emoji/14.0.0/72x72/1f642.png) But seriously, it's bad that this is even possible.\n\nAnd that's not all, there's more. **Remote Code Execution** - Windows Internet Key Exchange (IKE) Protocol Extensions (CVE-2022-34721, CVE-2022-34722). The IKE protocol is a component of IPsec used to set up security associations (relationships among devices based on shared security attributes). An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation. Although these vulnerabilities only affect the IKEv1 protocol version, Microsoft reminds that all Windows Server systems are vulnerable because they accept both v1 and v2 packets.\n\n## Windows DNS Server DoS\n\n**Denial of Service** - Windows DNS Server (CVE-2022-34724). This bug is only rated Important since there\u2019s no chance of code execution, but you should probably treat it as Critical due to its potential impact. A remote, unauthenticated attacker could create a denial-of-service (DoS) condition on your DNS server. It\u2019s not clear if the DoS just kills the DNS service or the whole system. Shutting down DNS is always bad, but with so many resources in the cloud, a loss of DNS pointing the way to those resources could be catastrophic for many enterprises.\n\n## Spectre-BHB\n\n**Memory Corruption** - ARM processor (CVE-2022-23960). This is yet another variation of the Spectre vulnerability (this time Specter-BHB), which interferes with a processor\u2019s speculative execution of instructions mechanism. In other words, the probability of its use in real attacks is extremely small \u2014 the danger is somewhat theoretical. But almost all Patch Tuesday reviewers paid attention to this vulnerability.\n\nFull Vulristics report: [ms_patch_tuesday_september2022](<https://avleonov.com/vulristics_reports/ms_patch_tuesday_september2022_report_with_comments_ext_img.html>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-23T22:44:11", "type": "avleonov", "title": "Microsoft Patch Tuesday September 2022: CLFS Driver EoP, IP packet causes RCE, Windows DNS Server DoS, Spectre-BHB", "bulletinFamily": "blog", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23960", "CVE-2022-2856", "CVE-2022-3075", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-34724", "CVE-2022-34729", "CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37964", "CVE-2022-37969", "CVE-2022-38007"], "modified": "2022-09-23T22:44:11", "id": "AVLEONOV:75C789BDAA68C1C2CEC0F20F1D138B01", "href": "https://avleonov.com/2022/09/24/microsoft-patch-tuesday-september-2022-clfs-driver-eop-ip-packet-causes-rce-windows-dns-server-dos-spectre-bhb/", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}], "malwarebytes": [{"lastseen": "2022-09-15T00:03:31", "description": "The Microsoft [September 2022 Patch Tuesday](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep>) includes fixes for two publicly disclosed zero-day vulnerabilities, one of which is known to be actively exploited.\n\nFive of the 60+ security vulnerabilities were rated as "Critical", and 57 as important. Two vulnerabilities qualify as zero-days, with one of them being actively exploited.\n\n## Zero-days\n\nThe first zero-day, [CVE-2022-37969](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37969>), is a Windows Common Log File System Driver Elevation of Privilege (EoP) vulnerability. An attacker who successfully exploits this vulnerability could gain SYSTEM privileges, although the attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code execution in cases where the attacker does not already have that ability on the target system. This flaw is already being exploited in the wild.\n\nPrivilege escalation is the act of exploiting a bug, design flaw, or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions.\n\nThe second zero-day, [CVE-2022-23960,](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-23960>) is an Arm cache speculation restriction vulnerability that is unlikely to be exploited. Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mis-predicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. The vulnerability was [disclosed](<https://www.vusec.net/projects/bhi-spectre-bhb/>) in March by researchers at VUSec.\n\n## The critical vulnerabilities\n\n[CVE-2022-35805](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35805>) and [CVE-2022-34700](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34700>) are both Microsoft Dynamics CRM (on-premises) Remote Code Execution (RCE) vulnerabilities. An authenticated user could run a specially crafted trusted solution package to execute arbitrary SQL commands. From there the attacker could escalate and execute commands as db_owner within their Dynamics 365 database.\n\n[CVE-2022-34718](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718>): a Windows TCP/IP RCE vulnerability with a [CVSS score](<https://www.malwarebytes.com/blog/news/2020/05/how-cvss-works-characterizing-and-scoring-vulnerabilities>) of 9.8 out of 10. An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine. Only systems with the IPSec service running are vulnerable to this attack. Systems are not affected if IPv6 is disabled on the target machine.\n\n[CVE-2022-34721](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721>) and [CVE-2022-34722](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722>): are both Windows Internet Key Exchange (IKE) Protocol Extensions RCE vulnerabilities with a CVSS score of 9.8 out of 10. An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation. The vulnerability only impacts IKEv1. IKEv2 is not impacted. However, all Windows Servers are affected because they accept both V1 and V2 packets.\n\n## Other vendors\n\nOther vendors have synchronized their periodic updates with Microsoft. Here are few major ones:\n\n * Adobe [released seven patches](<https://helpx.adobe.com/security.html>) addressing 63 security holes in Adobe Experience Manager, Bridge, InDesign, Photoshop, InCopy, Animate, and Illustrator.\n * Earlier this month, the [Android security bulletin for September](<https://source.android.com/docs/security/bulletin/2022-09-01>) came out, which was followed up with a [Pixel specific update](<https://www.malwarebytes.com/blog/news/2022/09/update-now-google-patches-vulnerabilities-for-pixel-mobile-phones>).\n * Apple fixed at least [two zero-day vulnerabilities](<https://www.malwarebytes.com/blog/news/2022/09/update-now-apple-devices-are-exposed-to-a-new-zero-day-flaw>) when it released updates for iOS, iPadOS, macOS and Safari.\n * Cisco [released security updates](<https://tools.cisco.com/security/center/publicationListing.x>) for numerous products this month.\n * Google released a [fix for a Chrome zero-day](<https://www.malwarebytes.com/blog/news/2022/09/update-chrome-asap-a-new-zero-day-is-already-being-exploited>).\n * Samsung has released a new [security update](<https://security.samsungmobile.com/securityUpdate.smsb>) for major flagship models.\n * SAP published its [September 2022 Patch Day](<https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10>) updates.\n * VMware released [security advisory](<https://www.vmware.com/security/advisories/VMSA-2022-0024.html>) for VMware Tools.\n\nStay patched!", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-14T12:00:00", "type": "malwarebytes", "title": "Update now! Microsoft patches two zero-days", "bulletinFamily": "blog", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23960", "CVE-2022-34700", "CVE-2022-34718", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-35805", "CVE-2022-37969"], "modified": "2022-09-14T12:00:00", "id": "MALWAREBYTES:8FF6ADCDE71AD78C1537280203BB4A22", "href": "https://www.malwarebytes.com/blog/news/2022/09/update-now-microsoft-patches-two-zero-days", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}], "mscve": [{"lastseen": "2022-12-29T21:16:40", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-34733, CVE-2022-35834, CVE-2022-35836, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-14T07:00:00", "id": "MS:CVE-2022-35835", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35835", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:40", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-34733, CVE-2022-35834, CVE-2022-35835, CVE-2022-35836.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-14T07:00:00", "id": "MS:CVE-2022-35840", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35840", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:40", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-34733, CVE-2022-35835, CVE-2022-35836, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-14T07:00:00", "id": "MS:CVE-2022-35834", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35834", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:40", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-34733, CVE-2022-35834, CVE-2022-35835, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-14T07:00:00", "id": "MS:CVE-2022-35836", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35836", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:35", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34733, CVE-2022-35834, CVE-2022-35835, CVE-2022-35836, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-14T07:00:00", "id": "MS:CVE-2022-34731", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34731", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:35", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-35834, CVE-2022-35835, CVE-2022-35836, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-14T07:00:00", "id": "MS:CVE-2022-34733", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34733", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:35", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34727, CVE-2022-34730, CVE-2022-34732.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft ODBC Driver Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-11-08T08:00:00", "id": "MS:CVE-2022-34734", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34734", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:37", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34730, CVE-2022-34732, CVE-2022-34734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft ODBC Driver Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34727", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34727", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:35", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34727, CVE-2022-34730, CVE-2022-34734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft ODBC Driver Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-11-08T08:00:00", "id": "MS:CVE-2022-34732", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34732", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:37", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34727, CVE-2022-34730, CVE-2022-34732, CVE-2022-34734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft ODBC Driver Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34726", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34726", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:36", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34727, CVE-2022-34732, CVE-2022-34734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft ODBC Driver Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-11-08T08:00:00", "id": "MS:CVE-2022-34730", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34730", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:40", "description": "Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34728, CVE-2022-38006.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Graphics Component Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34728", "CVE-2022-35837", "CVE-2022-38006"], "modified": "2022-11-08T08:00:00", "id": "MS:CVE-2022-35837", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35837", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:36", "description": "Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-35837, CVE-2022-38006.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Graphics Component Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34728", "CVE-2022-35837", "CVE-2022-38006"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34728", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34728", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:33", "description": "Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34728, CVE-2022-35837.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Graphics Component Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34728", "CVE-2022-35837", "CVE-2022-38006"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-38006", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38006", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-30T18:21:24", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37956, CVE-2022-37957.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37964"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-37964", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37964", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:34", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37956, CVE-2022-37964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37964"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-37957", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37957", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:34", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37957, CVE-2022-37964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37964"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-37956", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37956", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-30T18:21:25", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38008, CVE-2022-38009.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft SharePoint Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-37961", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37961", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-30T18:21:25", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37961, CVE-2022-38008.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft SharePoint Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-38009", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38009", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-04T02:16:07", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37961, CVE-2022-38009.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft SharePoint Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-38008", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38008", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:41", "description": "Windows Secure Channel Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-30196.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Secure Channel Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-30196", "CVE-2022-35833"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-35833", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35833", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:45", "description": "Windows Secure Channel Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-35833.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Secure Channel Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-30196", "CVE-2022-35833"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-30196", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30196", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-04T10:20:00", "description": "Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35805.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34700", "CVE-2022-35805"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34700", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34700", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-30T18:21:26", "description": "Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34700.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34700", "CVE-2022-35805"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-35805", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35805", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:45", "description": "Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33647.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Kerberos Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-33647", "CVE-2022-33679"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-33679", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-33679", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:42", "description": "Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33679.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Kerberos Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-33647", "CVE-2022-33679"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-33647", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-33647", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-30T18:21:12", "description": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38010.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft Office Visio Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37963", "CVE-2022-38010"], "modified": "2022-09-14T07:00:00", "id": "MS:CVE-2022-37963", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37963", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-30T18:21:13", "description": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37963.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft Office Visio Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37963", "CVE-2022-38010"], "modified": "2022-09-14T07:00:00", "id": "MS:CVE-2022-38010", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38010", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:38", "description": "Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34722.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34721", "CVE-2022-34722"], "modified": "2022-09-23T07:00:00", "id": "MS:CVE-2022-34721", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34721", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:38", "description": "Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34721.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34721", "CVE-2022-34722"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34722", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34722", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:45", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37969.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35803", "CVE-2022-37969"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-35803", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35803", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:31", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35803.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35803", "CVE-2022-37969"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-37969", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37969", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-31T12:24:12", "description": "Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35828"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-35828", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35828", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:38", "description": "Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34723"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34723", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34723", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:40", "description": "HTTP V3 Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "HTTP V3 Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35838"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-35838", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35838", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:39", "description": "Windows Enterprise App Management Service Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Enterprise App Management Service Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35841"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-35841", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35841", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:46", "description": "Windows Photo Import API Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Photo Import API Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-26928"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-26928", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-26928", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:41", "description": "Windows Remote Access Connection Manager Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Remote Access Connection Manager Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35831"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-35831", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35831", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:35", "description": "DirectX Graphics Kernel Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "DirectX Graphics Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37954"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-37954", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37954", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-08T18:12:12", "description": "Microsoft SharePoint Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft SharePoint Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35823"], "modified": "2022-11-08T08:00:00", "id": "MS:CVE-2022-35823", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35823", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:41", "description": "Remote Procedure Call Runtime Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Remote Procedure Call Runtime Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35830"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-35830", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35830", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:41", "description": "Windows Event Tracing Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Event Tracing Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35832"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-35832", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35832", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:42", "description": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-30200"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-30200", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30200", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:34", "description": "Windows Group Policy Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Group Policy Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37955"], "modified": "2022-09-20T07:00:00", "id": "MS:CVE-2022-37955", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37955", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:37", "description": "Windows DNS Server Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows DNS Server Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34724"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34724", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34724", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:37", "description": "Windows ALPC Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows ALPC Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34725"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34725", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34725", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:39", "description": "Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34720"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34720", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34720", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:39", "description": "Windows Distributed File System (DFS) Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Distributed File System (DFS) Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34719"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34719", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34719", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:45", "description": "Windows Credential Roaming Service Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Credential Roaming Service Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-30170"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-30170", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30170", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:36", "description": "Windows GDI Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows GDI Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34729"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-34729", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34729", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-03T06:31:15", "description": "AV1 Video Extension Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "AV1 Video Extension Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38019"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-38019", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38019", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-01T12:12:22", "description": "Visual Studio Code Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Visual Studio Code Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38020"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-38020", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38020", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-02T12:18:03", "description": "Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38007"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-38007", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38007", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-02T02:50:12", "description": "Microsoft PowerPoint Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Microsoft PowerPoint Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37962"], "modified": "2022-09-14T07:00:00", "id": "MS:CVE-2022-37962", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37962", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:33", "description": "Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37959"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-37959", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37959", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-02T07:04:23", "description": "Raw Image Extension Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Raw Image Extension Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38011"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-38011", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38011", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:34", "description": "Windows Fax Service Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows Fax Service Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38004"], "modified": "2022-09-13T07:00:00", "id": "MS:CVE-2022-38004", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38004", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-01T12:12:38", "description": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-09-01T07:00:00", "type": "mscve", "title": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38012"], "modified": "2022-09-01T07:00:00", "id": "MS:CVE-2022-38012", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38012", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-29T21:16:39", "description": "Windows TCP/IP Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T07:00:00", "type": "mscve", "title": "Windows TCP/IP Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-34718"], "modified": "2022-09-23T07:00:00", "id": "MS:CVE-2022-34718", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34718", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2022-09-16T19:04:22", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34733, CVE-2022-35834, CVE-2022-35835, CVE-2022-35836, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34731", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-16T17:17:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-34731", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34731", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-16T19:04:19", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-34733, CVE-2022-35834, CVE-2022-35836, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35835", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-16T16:34:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-35835", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35835", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-16T19:04:21", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-35834, CVE-2022-35835, CVE-2022-35836, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34733", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-16T17:06:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-34733", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34733", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-17T05:23:52", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-34733, CVE-2022-35834, CVE-2022-35835, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35836", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-17T00:14:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-35836", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35836", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*"]}, {"lastseen": "2022-09-16T19:04:14", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-34733, CVE-2022-35834, CVE-2022-35835, CVE-2022-35836.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35840", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-16T17:41:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-35840", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35840", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-16T19:04:16", "description": "Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34731, CVE-2022-34733, CVE-2022-35835, CVE-2022-35836, CVE-2022-35840.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35834", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34731", "CVE-2022-34733", "CVE-2022-35834", "CVE-2022-35835", "CVE-2022-35836", "CVE-2022-35840"], "modified": "2022-09-16T17:35:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-35834", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35834", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-15T22:34:19", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34727, CVE-2022-34730, CVE-2022-34732, CVE-2022-34734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34726", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-09-15T20:52:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2022-34726", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34726", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-15T22:34:18", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34730, CVE-2022-34732, CVE-2022-34734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34727", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-09-15T20:51:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2022-34727", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34727", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:azure:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-11-14T17:37:18", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34727, CVE-2022-34730, CVE-2022-34732.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34734", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-11-14T15:24:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:r2"], "id": "CVE-2022-34734", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34734", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-11-14T17:37:17", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34727, CVE-2022-34730, CVE-2022-34734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34732", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-11-14T15:24:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:r2"], "id": "CVE-2022-34732", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34732", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-11-14T17:37:18", "description": "Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34727, CVE-2022-34732, CVE-2022-34734.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34730", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34726", "CVE-2022-34727", "CVE-2022-34730", "CVE-2022-34732", "CVE-2022-34734"], "modified": "2022-11-14T15:24:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:r2"], "id": "CVE-2022-34730", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34730", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T20:39:51", "description": "Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34728, CVE-2022-35837.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38006", "cwe": ["CWE-668"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34728", "CVE-2022-35837", "CVE-2022-38006"], "modified": "2022-09-16T18:03:00", "cpe": ["cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-"], "id": "CVE-2022-38006", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38006", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-16T19:04:24", "description": "Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-35837, CVE-2022-38006.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34728", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34728", "CVE-2022-35837", "CVE-2022-38006"], "modified": "2022-09-16T17:30:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-34728", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34728", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-11-16T06:37:25", "description": "Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34728, CVE-2022-38006.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35837", "cwe": ["CWE-668"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34728", "CVE-2022-35837", "CVE-2022-38006"], "modified": "2022-11-14T14:36:00", "cpe": ["cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:r2"], "id": "CVE-2022-35837", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35837", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*"]}, {"lastseen": "2022-09-16T19:04:08", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37956, CVE-2022-37957.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37964", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37964"], "modified": "2022-09-16T17:23:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2"], "id": "CVE-2022-37964", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37964", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*"]}, {"lastseen": "2022-10-28T22:14:56", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37957, CVE-2022-37964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37956", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37964"], "modified": "2022-10-28T20:45:00", "cpe": ["cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2022-37956", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37956", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-09-16T19:04:12", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37956, CVE-2022-37964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37957", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37956", "CVE-2022-37957", "CVE-2022-37964"], "modified": "2022-09-16T17:55:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2"], "id": "CVE-2022-37957", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37957", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-16T19:04:10", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38008, CVE-2022-38009.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37961", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-09-16T17:43:00", "cpe": ["cpe:/a:microsoft:sharepoint_enterprise_server:2016", "cpe:/a:microsoft:sharepoint_server:-", "cpe:/a:microsoft:sharepoint_server:2019", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:sharepoint_enterprise_server:2013"], "id": "CVE-2022-37961", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37961", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*", "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T20:39:53", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37961, CVE-2022-38009.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38008", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-09-16T18:09:00", "cpe": ["cpe:/a:microsoft:sharepoint_server:2019", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:sharepoint_enterprise_server:2016", "cpe:/a:microsoft:sharepoint_enterprise_server:2013", "cpe:/a:microsoft:sharepoint_server:-"], "id": "CVE-2022-38008", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38008", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:-:language_pack:*:*:subscription:*:*:*", "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*"]}, {"lastseen": "2022-09-16T20:39:49", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37961, CVE-2022-38008.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38009", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37961", "CVE-2022-38008", "CVE-2022-38009"], "modified": "2022-09-16T18:15:00", "cpe": ["cpe:/a:microsoft:sharepoint_server:2019", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:sharepoint_enterprise_server:2016", "cpe:/a:microsoft:sharepoint_enterprise_server:2013", "cpe:/a:microsoft:sharepoint_server:-"], "id": "CVE-2022-38009", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38009", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*"]}, {"lastseen": "2022-09-16T19:04:16", "description": "Windows Secure Channel Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-30196.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35833", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-30196", "CVE-2022-35833"], "modified": "2022-09-16T16:20:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-35833", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35833", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-15T20:41:25", "description": "Windows Secure Channel Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-35833.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-30196", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-30196", "CVE-2022-35833"], "modified": "2022-09-15T19:50:00", "cpe": ["cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:20h2"], "id": "CVE-2022-30196", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30196", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T19:04:20", "description": "Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34700.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35805", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34700", "CVE-2022-35805"], "modified": "2022-09-16T17:29:00", "cpe": ["cpe:/a:microsoft:dynamics_365:9.0", "cpe:/a:microsoft:dynamics_365:9.1"], "id": "CVE-2022-35805", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35805", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:dynamics_365:9.0:*:*:*:on-premises:*:*:*", "cpe:2.3:a:microsoft:dynamics_365:9.1:*:*:*:on-premises:*:*:*"]}, {"lastseen": "2022-09-15T22:34:25", "description": "Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35805.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34700", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34700", "CVE-2022-35805"], "modified": "2022-09-15T20:18:00", "cpe": ["cpe:/a:microsoft:dynamics_365:9.1", "cpe:/a:microsoft:dynamics_365:9.0"], "id": "CVE-2022-34700", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34700", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:dynamics_365:9.0:*:*:*:on-premises:*:*:*", "cpe:2.3:a:microsoft:dynamics_365:9.1:*:*:*:on-premises:*:*:*"]}, {"lastseen": "2022-09-15T22:34:24", "description": "Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33647.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-33679", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-33647", "CVE-2022-33679"], "modified": "2022-09-15T20:09:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2022-33679", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33679", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-15T22:34:24", "description": "Windows Kerberos Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33679.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-33647", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-33647", "CVE-2022-33679"], "modified": "2022-09-15T20:09:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2022-33647", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33647", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T19:04:09", "description": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38010.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37963", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37963", "CVE-2022-38010"], "modified": "2022-09-16T17:34:00", "cpe": ["cpe:/a:microsoft:365_apps:-", "cpe:/a:microsoft:office_long_term_servicing_channel:2021", "cpe:/a:microsoft:office:2019"], "id": "CVE-2022-37963", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37963", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*", "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*"]}, {"lastseen": "2022-09-16T20:39:48", "description": "Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37963.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38010", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37963", "CVE-2022-38010"], "modified": "2022-09-16T18:53:00", "cpe": ["cpe:/a:microsoft:365_apps:-", "cpe:/a:microsoft:office_long_term_servicing_channel:2021", "cpe:/a:microsoft:visio:2016", "cpe:/a:microsoft:office:2019", "cpe:/a:microsoft:visio:2013"], "id": "CVE-2022-38010", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38010", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*", "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*", "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-15T22:34:22", "description": "Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34721.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34722", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34721", "CVE-2022-34722"], "modified": "2022-09-15T20:22:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2022-34722", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34722", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-15T22:34:21", "description": "Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34722.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34721", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34721", "CVE-2022-34722"], "modified": "2022-09-15T20:23:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2022-34721", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34721", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T20:40:30", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37969.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35803", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35803", "CVE-2022-37969"], "modified": "2022-09-16T19:09:00", "cpe": ["cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-"], "id": "CVE-2022-35803", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35803", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-30T20:45:40", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35803.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37969", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35803", "CVE-2022-37969"], "modified": "2022-09-30T19:15:00", "cpe": ["cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37969", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37969", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T16:21:23", "description": "Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35828", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35828"], "modified": "2022-09-16T15:25:00", "cpe": ["cpe:/a:microsoft:defender_for_endpoint:-"], "id": "CVE-2022-35828", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35828", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:defender_for_endpoint:-:*:*:*:*:macos:*:*"]}, {"lastseen": "2022-09-16T19:04:27", "description": "Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34723", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34723"], "modified": "2022-09-16T17:32:00", "cpe": ["cpe:/o:microsoft:windows_11:-"], "id": "CVE-2022-34723", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34723", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-16T19:04:14", "description": "HTTP V3 Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35838", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35838"], "modified": "2022-09-16T17:26:00", "cpe": ["cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-"], "id": "CVE-2022-35838", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35838", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-09-16T20:40:07", "description": "Windows Enterprise App Management Service Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35841", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35841"], "modified": "2022-09-16T18:29:00", "cpe": ["cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_11:-"], "id": "CVE-2022-35841", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35841", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-15T20:41:26", "description": "Windows Photo Import API Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-26928", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-26928"], "modified": "2022-09-15T19:56:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2022-26928", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26928", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T16:21:23", "description": "Windows Remote Access Connection Manager Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35831", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35831"], "modified": "2022-09-16T15:55:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2022-35831", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35831", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-17T05:23:49", "description": "DirectX Graphics Kernel Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37954", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37954"], "modified": "2022-09-17T00:11:00", "cpe": ["cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_10:21h1"], "id": "CVE-2022-37954", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37954", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*"]}, {"lastseen": "2022-12-22T21:20:16", "description": "Microsoft SharePoint Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35823", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35823"], "modified": "2022-12-22T20:27:00", "cpe": ["cpe:/a:microsoft:sharepoint_enterprise_server:2016", "cpe:/a:microsoft:sharepoint_enterprise_server:2013", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:sharepoint_server:2019", "cpe:/a:microsoft:sharepoint_server:-"], "id": "CVE-2022-35823", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35823", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T16:21:25", "description": "Remote Procedure Call Runtime Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35830", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35830"], "modified": "2022-09-16T15:48:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2022-35830", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35830", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*"]}, {"lastseen": "2022-09-16T19:04:17", "description": "Windows Event Tracing Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-35832", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35832"], "modified": "2022-09-16T16:07:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-35832", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35832", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-15T22:34:25", "description": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-30200", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-30200"], "modified": "2022-09-15T20:16:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2022-30200", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30200", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T19:04:15", "description": "Windows Group Policy Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37955", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37955"], "modified": "2022-09-16T17:21:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-37955", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37955", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-15T22:34:20", "description": "Windows DNS Server Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34724", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34724"], "modified": "2022-09-15T20:54:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2022-34724", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34724", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-15T22:34:19", "description": "Windows ALPC Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34725", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34725"], "modified": "2022-09-15T20:52:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2022-34725", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34725", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-15T20:41:27", "description": "Windows Credential Roaming Service Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-30170", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-30170"], "modified": "2022-09-15T19:52:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2022-30170", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30170", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-15T22:34:22", "description": "Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34720", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34720"], "modified": "2022-09-15T20:23:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2022-34720", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34720", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T19:04:28", "description": "Windows Distributed File System (DFS) Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34719", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34719"], "modified": "2022-09-16T17:39:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-34719", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34719", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:azure:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-16T19:04:23", "description": "Windows GDI Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-34729", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-34729"], "modified": "2022-09-16T17:29:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_7:-"], "id": "CVE-2022-34729", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34729", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-16T20:39:43", "description": "AV1 Video Extension Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38019", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38019"], "modified": "2022-09-16T18:35:00", "cpe": [], "id": "CVE-2022-38019", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38019", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-09-16T19:04:06", "description": "Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38007", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38007"], "modified": "2022-09-16T17:55:00", "cpe": ["cpe:/a:microsoft:azure_guest_configuration:-", "cpe:/a:microsoft:azure_arc:-"], "id": "CVE-2022-38007", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38007", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:azure_guest_configuration:-:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:azure_arc:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T19:04:09", "description": "Microsoft PowerPoint Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37962", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37962"], "modified": "2022-09-16T17:30:00", "cpe": ["cpe:/a:microsoft:office:2019", "cpe:/a:microsoft:office:2016", "cpe:/a:microsoft:office_long_term_servicing_channel:2021", "cpe:/a:microsoft:office:2013", "cpe:/a:microsoft:365_apps:-"], "id": "CVE-2022-37962", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37962", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*", "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*", "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*", "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:office:2019:*:*:*:*:-:x64:*", "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:office:2019:*:*:*:*:-:x86:*", "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*", "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*", "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*"]}, {"lastseen": "2022-09-16T20:39:42", "description": "Visual Studio Code Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38020", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38020"], "modified": "2022-09-16T18:41:00", "cpe": ["cpe:/a:microsoft:visual_studio_code:-"], "id": "CVE-2022-38020", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38020", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:visual_studio_code:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T19:04:11", "description": "Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-37959", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37959"], "modified": "2022-09-16T17:41:00", "cpe": ["cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2022-37959", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37959", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T20:39:46", "description": "Raw Image Extension Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38011", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38011"], "modified": "2022-09-16T18:57:00", "cpe": ["cpe:/a:microsoft:raw_image_extension:-"], "id": "CVE-2022-38011", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38011", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:raw_image_extension:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-09-16T20:39:54", "description": "Windows Fax Service Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38004", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38004"], "modified": "2022-09-16T18:27:00", "cpe": ["cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-"], "id": "CVE-2022-38004", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38004", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*"]}, {"lastseen": "2022-09-29T22:48:45", "description": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-09-13T19:15:00", "type": "cve", "title": "CVE-2022-38012", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38012"], "modified": "2022-09-29T21:13:00", "cpe": ["cpe:/a:microsoft:edge_chromium:105.0.1343.25"], "id": "CVE-2022-38012", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38012", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:edge_chromium:105.0.1343.25:*:*:*:*:*:*:*"]}], "thn": [{"lastseen": "2022-10-12T08:05:16", "description": "[![Windows Zero-Day](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiq0vVMccKuTq9vBkLdPdqmhFsx4VGp16Gn_0agg6m1Mm6VnBpjWpj1B3PtCDO02Rc8BuDFnPaz2MQCSdWR5Xln_UfGBJaXtNH7W4LmT5CCSulXkepNrK6B9RERXqqKwakUvLmKjJJlRYVvrsB9JV9eAezHUBd4exVXef3ElX_W1Z_q4FP6c-ROsjuK/s728-e1000/windows.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiq0vVMccKuTq9vBkLdPdqmhFsx4VGp16Gn_0agg6m1Mm6VnBpjWpj1B3PtCDO02Rc8BuDFnPaz2MQCSdWR5Xln_UfGBJaXtNH7W4LmT5CCSulXkepNrK6B9RERXqqKwakUvLmKjJJlRYVvrsB9JV9eAezHUBd4exVXef3ElX_W1Z_q4FP6c-ROsjuK/s728-e100/windows.jpg>)\n\nTech giant Microsoft on Tuesday shipped fixes to quash [64 new security flaws](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep>) across its software lineup, including one zero-day flaw that has been actively exploited in real-world attacks.\n\nOf the 64 bugs, five are rated Critical, 57 are rated Important, one is rated Moderate, and one is rated Low in severity. The patches are in addition to [16 vulnerabilities](<https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security>) that Microsoft addressed in its Chromium-based Edge browser earlier this month.\n\n\"In terms of CVEs released, this Patch Tuesday may appear on the lighter side in comparison to other months,\" Bharat Jogi, director of vulnerability and threat research at Qualys, said in a statement shared with The Hacker News.\n\n\"However, this month hit a sizable milestone for the calendar year, with MSFT having fixed the 1000th CVE of 2022 \u2013 likely on track to surpass 2021, which patched 1,200 CVEs in total.\"\n\nThe actively exploited vulnerability in question is [CVE-2022-37969](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37969>) (CVSS score: 7.8), a privilege escalation flaw affecting the Windows Common Log File System ([CLFS](<https://docs.microsoft.com/en-us/previous-versions/windows/desktop/clfs/common-log-file-system-portal>)) Driver, which could be leveraged by an adversary to gain SYSTEM privileges on an already compromised asset.\n\n\"An attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code execution in cases where the attacker does not already have that ability on the target system,\" Microsoft said in an advisory.\n\nThe tech giant credited four different sets of researchers from CrowdStrike, DBAPPSecurity, Mandiant, and Zscaler for reporting the flaw, which may be an indication of widespread exploitation in the wild, Greg Wiseman, product manager at Rapid7, said in a statement.\n\nCVE-2022-37969 is also the second actively exploited zero-day flaw in the CLFS component after [CVE-2022-24521](<https://thehackernews.com/2022/04/microsoft-issues-patches-for-2-windows.html>) (CVSS score: 7.8) since the start of the year, the latter of which was resolved by Microsoft as part of its April 2022 Patch Tuesday updates.\n\nIt's not immediately clear if CVE-2022-37969 is a patch bypass for CVE-2022-24521. Other critical flaws of note are as follows -\n\n * [**CVE-2022-34718**](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34718>) (CVSS score: 9.8) - Windows TCP/IP Remote Code Execution Vulnerability\n * [**CVE-2022-34721**](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34721>) (CVSS score: 9.8) - Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability\n * [**CVE-2022-34722**](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34722>) (CVSS score: 9.8) - Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability\n * [**CVE-2022-34700**](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34700>) (CVSS score: 8.8) - Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability\n * [**CVE-2022-35805**](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35805>) (CVSS score: 8.8) - Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability\n\n\"An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation,\" Microsoft said about CVE-2022-34721 and CVE-2022-34722.\n\nAlso resolved by Microsoft are 15 remote code execution flaws in [Microsoft ODBC Driver](<https://twitter.com/HaifeiLi/status/1569741391349313536>), Microsoft OLE DB Provider for SQL Server, and Microsoft SharePoint Server and five privilege escalation bugs spanning Windows Kerberos and Windows Kernel.\n\nThe September release is further notable for patching yet another elevation of privilege vulnerability in the Print Spooler module ([CVE-2022-38005](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38005>), CVSS score: 7.8) that could be abused to obtain SYSTEM-level permissions. \n\nLastly, included in the raft of security updates is a fix released by chipmaker Arm for a speculative execution vulnerability called [Branch History Injection](<https://thehackernews.com/2022/03/new-exploit-bypasses-existing-spectre.html>) or [Spectre-BHB](<https://developer.arm.com/Arm%20Security%20Center/Spectre-BHB>) (CVE-2022-23960) that came to light earlier this March.\n\n\"This class of vulnerabilities poses a large headache to the organizations attempting mitigation, as they often require updates to the operating systems, firmware and in some cases, a recompilation of applications and hardening,\" Jogi said. \"If an attacker successfully exploits this type of vulnerability, they could gain access to sensitive information.\"\n\n### Software Patches from Other Vendors\n\nAside from Microsoft, security updates have also been released by other vendors since the start of the month to rectify dozens of vulnerabilities, including \u2014\n\n * [Adobe](<https://helpx.adobe.com/security/security-bulletin.html>)\n * [Android](<https://source.android.com/docs/security/bulletin/2022-09-01>)\n * [Apache](<https://news.apache.org/foundation/entry/the-apache-news-round-up270>) [Projects](<https://news.apache.org/foundation/entry/the-apache-news-round-up270-2>)\n * [Apple](<https://thehackernews.com/2022/09/apple-releases-ios-and-macos-updates-to.html>)\n * [Cisco](<https://tools.cisco.com/security/center/publicationListing.x>)\n * [Citrix](<https://support.citrix.com/search/#/All%20Products?ct=Software%20Updates,Security%20Bulletins&searchText=&sortBy=Modified%20date&pageIndex=1>)\n * [Dell](<https://www.dell.com/support/security/>)\n * [F5](<https://support.f5.com/csp/new-updated-articles>)\n * [Fortinet](<https://www.fortiguard.com/psirt?date=09-2022>)\n * [GitLab](<https://about.gitlab.com/releases/2022/09/05/gitlab-15-3-3-released/>)\n * [Google Chrome](<https://thehackernews.com/2022/09/google-release-urgent-chrome-update-to.html>)\n * [HP](<https://thehackernews.com/2022/09/high-severity-firmware-security-flaws.html>)\n * [IBM](<https://www.ibm.com/blogs/psirt/>)\n * [Lenovo](<https://support.lenovo.com/us/en/product_security/ps500001-lenovo-product-security-advisories>)\n * Linux distributions [Debian](<https://www.debian.org/security/2022/>), [Oracle Linux](<https://linux.oracle.com/ords/f?p=105:21::::RP::>), [Red Hat](<https://access.redhat.com/security/security-updates/#/security-advisories?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory&documentKind=PortalProduct>), [SUSE](<https://www.suse.com/support/update/>), and [Ubuntu](<https://ubuntu.com/security/notices>)\n * [MediaTek](<https://corp.mediatek.com/product-security-bulletin/September-2022>)\n * [NVIDIA](<https://www.nvidia.com/en-us/security/>)\n * [Qualcomm](<https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2022-bulletin.html>)\n * [Samba](<https://www.samba.org/samba/history/>)\n * [SAP](<https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10>)\n * [Schneider Electric](<https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp>)\n * [Siemens](<https://new.siemens.com/global/en/products/services/cert.html#SecurityPublications>)\n * [Trend Micro](<https://success.trendmicro.com/dcx/s/vulnerability-response?language=en_US>)\n * [VMware](<https://www.vmware.com/security/advisories.html>), and\n * [WordPress](<https://wordpress.org/news/2022/09/dropping-security-updates-for-wordpress-versions-3-7-through-4-0/>) (which is dropping support for versions 3.7 through 4.0 starting December 1, 2022)\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-14T04:42:00", "type": "thn", "title": "Microsoft's Latest Security Update Fixes 64 New Flaws, Including a Zero-Day", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23960", "CVE-2022-24521", "CVE-2022-34700", "CVE-2022-34718", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-35805", "CVE-2022-37969", "CVE-2022-38005"], "modified": "2022-10-12T07:11:08", "id": "THN:D010C92A9BC9913717ECAC2624F32E80", "href": "https://thehackernews.com/2022/09/microsofts-latest-security-update-fixes.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-11T12:07:09", "description": "[![Hacking European Diplomatic](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiZxKv9loOhiE5QvtIiqCZhItBKYYIkzjnp5LKg1GuDHZvHpaOqkOB3hKIc0BEJwTjLK61VSBPiLid4u8M5_MZJSf1lUSHifMpbgWcIhCHd31qtUAq3TnxIjqj-SKsDulWpYpfYDiuHseo_lm7iJljFKj78hVTWzUJHNfK4twMgtKAZnVTaEbQMpQUN/s728-e1000/code.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiZxKv9loOhiE5QvtIiqCZhItBKYYIkzjnp5LKg1GuDHZvHpaOqkOB3hKIc0BEJwTjLK61VSBPiLid4u8M5_MZJSf1lUSHifMpbgWcIhCHd31qtUAq3TnxIjqj-SKsDulWpYpfYDiuHseo_lm7iJljFKj78hVTWzUJHNfK4twMgtKAZnVTaEbQMpQUN/s728-e100/code.jpg>)\n\nThe Russia-linked APT29 nation-state actor has been found leveraging a \"lesser-known\" Windows feature called Credential Roaming following a successful phishing attack against an unnamed European diplomatic entity.\n\n\"The diplomatic-centric targeting is consistent with Russian strategic priorities as well as historic APT29 targeting,\" Mandiant researcher Thibault Van Geluwe de Berlaere [said](<https://www.mandiant.com/resources/blog/apt29-windows-credential-roaming>) in a technical write-up.\n\nAPT29, a Russian espionage group also called Cozy Bear, Iron Hemlock, and The Dukes, is [known](<https://malpedia.caad.fkie.fraunhofer.de/actor/apt29>) for its intrusions aimed at collecting intelligence that align with the country's strategic objectives. It's believed to be sponsored by the Foreign Intelligence Service (SVR).\n\nSome of the adversarial collective's cyber activities are tracked publicly under the moniker [Nobelium](<https://thehackernews.com/2022/08/microsoft-uncovers-new-post-compromise.html>), a threat cluster responsible for the widespread supply chain compromise through SolarWinds software in December 2020.\n\nThe Google-owned threat intelligence and incident response firm said it identified the use of Credential Roaming during the time APT29 was present inside the victim network in early 2022, at which point \"numerous [LDAP](<https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol>) queries with atypical properties\" were performed against the Active Directory system.\n\n[![Hacking European Diplomatic](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiTwhFkQktj5c6f9Wnidp-3xvmYp6tHaS4zuMa5m02YNVk7n4WqbJvdlPTPJ8aHEF1QzdFHAmtuSyoQ_S5wFXx7cmkihs2fzY2kuV9kWps4VwIo3Ym54q6T8WNevHyPz4r_1QKDtFqm8PcOrPegJrrRUi9FXRRguIneDONfjcelVHSk28ZqvSo1UCP3/s728-e1000/windows.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiTwhFkQktj5c6f9Wnidp-3xvmYp6tHaS4zuMa5m02YNVk7n4WqbJvdlPTPJ8aHEF1QzdFHAmtuSyoQ_S5wFXx7cmkihs2fzY2kuV9kWps4VwIo3Ym54q6T8WNevHyPz4r_1QKDtFqm8PcOrPegJrrRUi9FXRRguIneDONfjcelVHSk28ZqvSo1UCP3/s728-e100/windows.jpg>)\n\nIntroduced in Windows Server 2003 Service Pack 1 (SP1), Credential Roaming is a [mechanism](<https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/certs-on-wheels-understanding-credential-roaming/ba-p/395897>) that allows users to [access their credentials](<https://social.technet.microsoft.com/wiki/contents/articles/11483.windows-credential-roaming.aspx>) (i.e., private keys and certificates) in a secure manner across different workstations in a Windows domain.\n\nAccording to Microsoft, \"Credential Roaming is storing user credentials in the ms-PKI-DPAPIMasterKeys and ms-PKI-AccountCredentials attributes in the user object,\" with the latter described as a multi-valued LDAP property containing binary large objects (BLOBs) of encrypted credential objects.\n\nOne of the [LDAP attributes](<https://learn.microsoft.com/en-us/windows/win32/adschema/r-private-information>) queried by APT29, per the Google subsidiary, concerned ms-PKI-Credential-Roaming-Tokens, which handles the \"storage of encrypted user credential token BLOBs for roaming.\"\n\nInvestigating its inner workings further, Mandiant highlighted the discovery of an arbitrary file write vulnerability that could be weaponized by a threat actor to achieve remote code execution in the context of the logged-in victim.\n\nThe shortcoming, tracked as [CVE-2022-30170](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30170>) (CVSS score 7.3), was addressed by Microsoft as part of [Patch Tuesday updates](<https://thehackernews.com/2022/09/microsofts-latest-security-update-fixes.html>) shipped on September 13, 2022, with the company emphasizing that exploitation requires a user to log in to Windows.\n\n\"An attacker who successfully exploited the vulnerability could gain remote interactive logon rights to a machine where the victim's account would not normally hold such privilege,\" it noted.\n\nMandiant said the research \"offers insight into why APT29 is actively querying the related LDAP attributes in Active Directory,\" urging organizations to apply the September 2022 patches to secure against the flaw.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-09T13:47:00", "type": "thn", "title": "APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-30170"], "modified": "2022-11-11T11:51:18", "id": "THN:5F2987C1A3F554D79E8C056DC4B86850", "href": "https://thehackernews.com/2022/11/apt29-exploited-windows-feature-to.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "freebsd": [{"lastseen": "2022-09-27T06:08:32", "description": "\n\nChrome Releases reports:\n\nThis release contains 24 security fixes, including:\n\n[1340253] Critical CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero on 2022-06-28\n[1343348] High CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11\n[1341539] High CVE-2022-3040: Use after free in Layout. Reported by Anonymous on 2022-07-03\n[1345947] High CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-07-20\n[1338553] High CVE-2022-3042: Use after free in PhoneHub. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22\n[1336979] High CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel on 2022-06-16\n[1051198] High CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-02-12\n[1339648] High CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis <info@bnoordhuis.nl> on 2022-06-26\n[1346245] High CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI on 2022-07-21\n[1342586] Medium CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer on 2022-07-07\n[1303308] Medium CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess on 2022-03-06\n[1316892] Medium CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel on 2022-04-17\n[1337132] Medium CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab on 2022-06-17\n[1345245] Medium CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel on 2022-07-18\n[1346154] Medium CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani on 2022-07-21\n[1267867] Medium CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios) on 2021-11-08\n[1290236] Medium CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li on 2022-01-24\n[1351969] Medium CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-11\n[1329460] Low CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous on 2022-05-26\n[1336904] Low CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes on 2022-06-16\n[1337676] Low CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-06-20\n\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-30T00:00:00", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058"], "modified": "2022-08-30T00:00:00", "id": "F2043FF6-2916-11ED-A1EF-3065EC8FD3EC", "href": "https://vuxml.freebsd.org/freebsd/f2043ff6-2916-11ed-a1ef-3065ec8fd3ec.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "suse": [{"lastseen": "2022-11-06T12:08:13", "description": "An update that fixes 23 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Chromium 105.0.5195.102 (boo#1203102):\n\n * CVE-2022-3075: Insufficient data validation in Mojo\n\n Chromium 105.0.5195.52 (boo#1202964):\n\n * CVE-2022-3038: Use after free in Network Service\n * CVE-2022-3039: Use after free in WebSQL\n * CVE-2022-3040: Use after free in Layout\n * CVE-2022-3041: Use after free in WebSQL\n * CVE-2022-3042: Use after free in PhoneHub\n * CVE-2022-3043: Heap buffer overflow in Screen Capture\n * CVE-2022-3044: Inappropriate implementation in Site Isolation\n * CVE-2022-3045: Insufficient validation of untrusted input in V8\n * CVE-2022-3046: Use after free in Browser Tag\n * CVE-2022-3071: Use after free in Tab Strip\n * CVE-2022-3047: Insufficient policy enforcement in Extensions API\n * CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen\n * CVE-2022-3049: Use after free in SplitScreen\n * CVE-2022-3050: Heap buffer overflow in WebUI\n * CVE-2022-3051: Heap buffer overflow in Exosphere\n * CVE-2022-3052: Heap buffer overflow in Window Manager\n * CVE-2022-3053: Inappropriate implementation in Pointer Lock\n * CVE-2022-3054: Insufficient policy enforcement in DevTools\n * CVE-2022-3055: Use after free in Passwords\n * CVE-2022-3056: Insufficient policy enforcement in Content Security Policy\n * CVE-2022-3057: Inappropriate implementation in iframe Sandbox\n * CVE-2022-3058: Use after free in Sign-In Flow\n\n - Update chromium-symbolic.svg: this fixes boo#1202403.\n\n - Fix quoting in chrome-wrapper, don't put cwd on LD_LIBRARY_PATH\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP4:\n\n zypper in -t patch openSUSE-2022-10119=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-09-12T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071", "CVE-2022-3075"], "modified": "2022-09-12T00:00:00", "id": "OPENSUSE-SU-2022:10119-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GAVZ7A2NRXHLI7C5TFF7GQHYKEGQIQRR/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-06T12:08:13", "description": "An update that fixes 23 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Chromium 105.0.5195.102 (boo#1203102):\n\n * CVE-2022-3075: Insufficient data validation in Mojo\n\n Chromium 105.0.5195.52 (boo#1202964):\n\n * CVE-2022-3038: Use after free in Network Service\n * CVE-2022-3039: Use after free in WebSQL\n * CVE-2022-3040: Use after free in Layout\n * CVE-2022-3041: Use after free in WebSQL\n * CVE-2022-3042: Use after free in PhoneHub\n * CVE-2022-3043: Heap buffer overflow in Screen Capture\n * CVE-2022-3044: Inappropriate implementation in Site Isolation\n * CVE-2022-3045: Insufficient validation of untrusted input in V8\n * CVE-2022-3046: Use after free in Browser Tag\n * CVE-2022-3071: Use after free in Tab Strip\n * CVE-2022-3047: Insufficient policy enforcement in Extensions API\n * CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen\n * CVE-2022-3049: Use after free in SplitScreen\n * CVE-2022-3050: Heap buffer overflow in WebUI\n * CVE-2022-3051: Heap buffer overflow in Exosphere\n * CVE-2022-3052: Heap buffer overflow in Window Manager\n * CVE-2022-3053: Inappropriate implementation in Pointer Lock\n * CVE-2022-3054: Insufficient policy enforcement in DevTools\n * CVE-2022-3055: Use after free in Passwords\n * CVE-2022-3056: Insufficient policy enforcement in Content Security Policy\n * CVE-2022-3057: Inappropriate implementation in iframe Sandbox\n * CVE-2022-3058: Use after free in Sign-In Flow\n\n - Update chromium-symbolic.svg: this fixes boo#1202403.\n - Fix quoting in chrome-wrapper, don't put cwd on LD_LIBRARY_PATH\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP3:\n\n zypper in -t patch openSUSE-2022-10120=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-09-12T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071", "CVE-2022-3075"], "modified": "2022-09-12T00:00:00", "id": "OPENSUSE-SU-2022:10120-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2EVLCBABO7RGGUVQCAZPA7MNGKWHWCJN/", "cvss": {"score": 0.0, "vector": "NONE"}}], "mageia": [{"lastseen": "2022-09-30T20:48:21", "description": "The chromium-browser-stable package has been updated to the new 105 branch with the 105.0.5195.102 version, fixing many bugs and 25 vulnerabilities. Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild. Some of the addressed CVE are listed below: High CVE-2022-3075: Insufficient data validation in Mojo. Reported by Anonymous on 2022-08-30 Critical CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero on 2022-06-28 High CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11 High CVE-2022-3040: Use after free in Layout. Reported by Anonymous on 2022-07-03 High CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-07-20 High CVE-2022-3042: Use after free in PhoneHub. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22 High CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel on 2022-06-16 High CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-02-12 High CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis on 2022-06-26 High CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI on 2022-07-21 High CVE-2022-3071: Use after free in Tab Strip. Reported by @ginggilBesel on 2022-06-06 Medium CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer on 2022-07-07 Medium CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess on 2022-03-06 Medium CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel on 2022-04-17 Medium CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab on 2022-06-17 Medium CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel on 2022-07-18 Medium CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani on 2022-07-21 Medium CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios) on 2021-11-08 Medium CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li on 2022-01-24 Medium CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-11 Low CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous on 2022-05-26 Low CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes on 2022-06-16 Low CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-06-20 \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-09-04T19:47:19", "type": "mageia", "title": "Updated chromium-browser-stable packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071", "CVE-2022-3075"], "modified": "2022-09-04T19:47:15", "id": "MGASA-2022-0318", "href": "https://advisories.mageia.org/MGASA-2022-0318.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "chrome": [{"lastseen": "2022-09-27T07:59:09", "description": "The Chrome team is delighted to announce the promotion of Chrome 105 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.\n\n\n\nChrome 105.0.5195.52 ( Mac/linux) and 105.0.5195.52/53/54( Windows) contains a number of fixes and improvements -- a list of changes is available in the[ log](<https://chromium.googlesource.com/chromium/src/+log/104.0.5112.102..105.0.5195.54?pretty=fuller&n=10000>). Watch out for upcoming[ ](<https://chrome.blogspot.com/>)[Chrome](<https://chrome.blogspot.com/>) and[ Chromium](<https://blog.chromium.org/>) blog posts about new features and big efforts delivered in 105.\n\n\n\n\nSecurity Fixes and Rewards\n\nNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.\n\n\n\n\nThis update includes [24](<https://bugs.chromium.org/p/chromium/issues/list?can=1&q=type%3Abug-security+os%3DAndroid%2Cios%2Clinux%2Cmac%2Cwindows%2Call%2Cchrome+label%3ARelease-0-M105>) security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the [Chrome Security Page](<https://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information.\n\n\n\n\n[$NA][[1340253](<https://crbug.com/1340253>)] Critical CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero on 2022-06-28\n\n[$10000][[1343348](<https://crbug.com/1343348>)] High CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11\n\n[$9000][[1341539](<https://crbug.com/1341539>)] High CVE-2022-3040: Use after free in Layout. Reported by Anonymous on 2022-07-03\n\n[$7500][[1345947](<https://crbug.com/1345947>)] High CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-07-20\n\n[$5000][[1338553](<https://crbug.com/1338553>)] High CVE-2022-3042: Use after free in PhoneHub. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22\n\n[$3000][[1336979](<https://crbug.com/1336979>)] High CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel on 2022-06-16\n\n[$NA][[1051198](<https://crbug.com/1051198>)] High CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-02-12\n\n[$TBD][[1339648](<https://crbug.com/1339648>)] High CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis <info@bnoordhuis.nl> on 2022-06-26\n\n[$TBD][[1346245](<https://crbug.com/1346245>)] High CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI on 2022-07-21\n\n[$3000][[1333995](<https://crbug.com/1333995>)] High CVE-2022-3071: Use after free in Tab Strip. Reported by @ginggilBesel on 2022-06-06\n\n[$7000][[1342586](<https://crbug.com/1342586>)] Medium CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer on 2022-07-07\n\n[$5000][[1303308](<https://crbug.com/1303308>)] Medium CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess on 2022-03-06\n\n[$3000][[1316892](<https://crbug.com/1316892>)] Medium CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel on 2022-04-17\n\n[$3000][[1337132](<https://crbug.com/1337132>)] Medium CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab on 2022-06-17\n\n[$2000][[1345245](<https://crbug.com/1345245>)] Medium CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel on 2022-07-18\n\n[$2000][[1346154](<https://crbug.com/1346154>)] Medium CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani on 2022-07-21\n\n[$TBD][[1267867](<https://crbug.com/1267867>)] Medium CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios) on 2021-11-08\n\n[$TBD][[1290236](<https://crbug.com/1290236>)] Medium CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li on 2022-01-24\n\n[$TBD][[1351969](<https://crbug.com/1351969>)] Medium CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-11\n\n[$3000][[1329460](<https://crbug.com/1329460>)] Low CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous on 2022-05-26\n\n[$2000][[1336904](<https://crbug.com/1336904>)] Low CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes on 2022-06-16\n\n[$1000][[1337676](<https://crbug.com/1337676>)] Low CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-06-20\n\n\n\n\nWe would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. \n\nAs usual, our ongoing internal security work was responsible for a wide range of fixes:\n\n * [[1357881](<https://crbug.com/1357881>)] Various fixes from internal audits, fuzzing and other initiatives\n\n\n\n\nMany of our security bugs are detected using [AddressSanitizer](<https://code.google.com/p/address-sanitizer/wiki/AddressSanitizer>), [MemorySanitizer](<https://code.google.com/p/memory-sanitizer/wiki/MemorySanitizer>), [UndefinedBehaviorSanitizer](<https://www.chromium.org/developers/testing/undefinedbehaviorsanitizer>), [Control Flow Integrity](<https://sites.google.com/a/chromium.org/dev/developers/testing/control-flow-integrity>), [libFuzzer](<https://sites.google.com/a/chromium.org/dev/developers/testing/libfuzzer>), or [AFL](<https://github.com/google/afl>).\n\n\n\n\n\n\n\n\n\n\n\nInterested in switching release channels? Find out how [here](<https://www.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<https://crbug.com/>). The [community help forum](<https://support.google.com/chrome/community>) is also a great place to reach out for help or learn about common issues.\n\n\n\n\n\n\n\n\nPrudhvikumar Bommana\n\nGoogle Chrome", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-30T00:00:00", "type": "chrome", "title": "Stable Channel Update for Desktop", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071"], "modified": "2022-08-30T00:00:00", "id": "GCSA-6098751293474831349", "href": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "debian": [{"lastseen": "2022-09-27T06:16:58", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5223-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 01, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium\nCVE ID : CVE-2022-3038 CVE-2022-3039 CVE-2022-3040 CVE-2022-3041 \n CVE-2022-3042 CVE-2022-3043 CVE-2022-3044 CVE-2022-3045 \n CVE-2022-3046 CVE-2022-3047 CVE-2022-3048 CVE-2022-3049 \n CVE-2022-3050 CVE-2022-3051 CVE-2022-3052 CVE-2022-3053 \n CVE-2022-3054 CVE-2022-3055 CVE-2022-3056 CVE-2022-3057 \n CVE-2022-3058 CVE-2022-3071\nDebian Bug : 987292\n\nMultiple security issues were discovered in Chromium, which could result\nin the execution of arbitrary code, denial of service or information\ndisclosure.\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 105.0.5195.52-1~deb11u1.\n\nWe recommend that you upgrade your chromium packages.\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-01T19:22:26", "type": "debian", "title": "[SECURITY] [DSA 5223-1] chromium security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3038", "CVE-2022-3039", "CVE-2022-3040", "CVE-2022-3041", "CVE-2022-3042", "CVE-2022-3043", "CVE-2022-3044", "CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3047", "CVE-2022-3048", "CVE-2022-3049", "CVE-2022-3050", "CVE-2022-3051", "CVE-2022-3052", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3055", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3058", "CVE-2022-3071"], "modified": "2022-09-01T19:22:26", "id": "DEBIAN:DSA-5223-1:94035", "href": "https://lists.debian.org/debian-security-announce/2022/msg00192.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2022-09-02T00:14:20", "description": "\nMultiple security issues were discovered in Chromium, which could result\nin the execution of arbitrary code, denial of service or information\ndisclosure.\n\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 105.0.5195.52-1~deb11u1.\n\n\nWe recommend that you upgrade your chromium packages.\n\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/chromium](https://security-tracker.debian.org/tracker/chromium)\n\n\n", "edition": 1, "cvss3": {}, "published": "2022-09-01T00:00:00", "type": "osv", "title": "chromium - security update", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-3045", "CVE-2022-3046", "CVE-2022-3042", "CVE-2022-3071", "CVE-2022-3040", "CVE-2022-3047", "CVE-2022-3058", "CVE-2022-3049", "CVE-2022-3056", "CVE-2022-3057", "CVE-2022-3048", "CVE-2022-3055", "CVE-2022-3039", "CVE-2022-3044", "CVE-2022-3041", "CVE-2022-3050", "CVE-2022-3043", "CVE-2022-3053", "CVE-2022-3054", "CVE-2022-3051", "CVE-2022-3038", "CVE-2022-3052"], "modified": "2022-09-02T00:14:18", "id": "OSV:DSA-5223-1", "href": "https://osv.dev/vulnerability/DSA-5223-1", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-31T02:42:32", "description": "### Impact\n\nA vulnerability exists in the `DSInternals.Common.Data.RoamedCredential.Save()` method, which incorrectly parses the `msPKIAccountCredentials` LDAP attribute values. As a consequence, a malicious actor would be able to modify the file system of the computer where an application using this function is executed with administrative privileges.\n\nA [similar security issue](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30170) used to be present in the Windows operating system, as DSInternals re-implements the Credential Roaming feature of Windows.\n\n### Exploitability\n\nThe vulnerability can be exploited under the following circumstances:\n- An attacker is able to modify the `msPKIAccountCredentials` attribute of a user account in Active Directory. This attribute is used by the Credential Roaming feature of Windows and each AD user can modify their own roamed credentials. AND\n- A 3rd party application uses the `DSInternals.Common` library to export roamed credentials from Active Directory to a file system. AND\n- The application has administrative privileges on the local system.\n\nThe probability of any 3rd-party product using the `DSInternals.Common` library being affected by this vulnerability is extremely low.\n\n### Patches\n\nThe issue had been fixed in DSInternals 4.8.\n\n### References\n\nhttps://www.mandiant.com/resources/blog/apt29-windows-credential-roaming\n", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-12-06T21:13:49", "type": "osv", "title": "DSInternals Credential Roaming Elevation of Privilege Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-30170"], "modified": "2023-01-31T02:42:28", "id": "OSV:GHSA-VX2X-9CFF-FHJW", "href": "https://osv.dev/vulnerability/GHSA-vx2x-9cff-fhjw", "cvss": {"score": 0.0, "vector": "NONE"}}], "krebs": [{"lastseen": "2022-09-14T02:46:56", "description": "This month's Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in **Microsoft Windows** that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, **Apple** has also quashed a pair of zero-day bugs affecting certain macOS and iOS users, and released **iOS 16**, which offers a new privacy and security feature called "**Lockdown Mode**." And **Adobe** axed 63 vulnerabilities in a range of products.\n\n![](https://krebsonsecurity.com/wp-content/uploads/2022/09/computerguys.png)\n\nMicrosoft today released software patches to plug at least 64 security holes in Windows and related products. Worst in terms of outright scariness is [CVE-2022-37969](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969>), which is a "privilege escalation" weakness in the **Windows Common Log File System Driver** that allows attackers to gain SYSTEM-level privileges on a vulnerable host. Microsoft says this flaw is already being exploited in the wild.\n\n**Kevin Breen**, director of cyber threat research at **Immersive Labs**, said any vulnerability that is actively targeted by attackers in the wild must be put to the top of any patching list.\n\n"Not to be fooled by its relatively low CVSS score of 7.8, privilege escalation vulnerabilities are often highly sought after by cyber attackers," Breen said. "Once an attacker has managed to gain a foothold on a victim\u2019s system, one of their first actions will be to gain a higher level of permissions, allowing the attacker to disable security applications and any device monitoring. There is no known workaround to date, so patching is the only effective mitigation."\n\n**Satnam Narang** at **Tenable** said [CVE-2022-24521](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24521>) -- a similar vulnerability in the same Windows log file component -- was patched earlier this year as part of [Microsoft\u2019s April Patch Tuesday release](<https://krebsonsecurity.com/2022/04/microsoft-patch-tuesday-april-2022-edition/>) and was also exploited in the wild.\n\n"CVE-2022-37969 was disclosed by several groups, though it\u2019s unclear if CVE-2022-37969 is a patch-bypass for CVE-2022-24521 at this point," Narang said.\n\nAnother vulnerability Microsoft patched this month -- [CVE-2022-35803](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35803>) -- also seems to be related to the same Windows log file component. While there are no indications CVE-2022-35803 is being actively exploited, Microsoft suggests that exploitation of this flaw is more likely than not.\n\nTrend Micro's **Dustin Childs** called attention to [CVE-2022-34718](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718>), a remote code execution flaw in the **Windows TCP/IP** service that could allow an unauthenticated attacker to execute code with elevated privileges on affected systems without user interaction.\n\n"That officially puts it into the 'wormable' category and earns it a CVSS rating of 9.8," Childs said. "However, only systems with IPv6 enabled and IPSec configured are vulnerable. While good news for some, if you\u2019re using IPv6 (as many are), you\u2019re probably running IPSec as well. Definitely test and deploy this update quickly."\n\n**Cisco Talos** warns about four critical vulnerabilities fixed this month -- [CVE-2022-34721](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721>) and [CVE-2022-34722](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722>) -- which have severity scores of 9.8, though they are \u201cless likely\u201d to be exploited, according to Microsoft.\n\n"These are remote code execution vulnerabilities in the **Windows Internet Key Exchange** protocol that could be triggered if an attacker sends a specially crafted IP packet," [wrote](<https://blog.talosintelligence.com/2022/09/microsoft-patch-tuesday-for-september.html>) **Jon Munshaw** and **Asheer Malhotra**. "Two other critical vulnerabilities, [CVE-2022-35805](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35805>) and [CVE-2022-34700](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34700>) exist in on-premises instances of **Microsoft Dynamics 365**. An authenticated attacker could exploit these vulnerabilities to run a specially crafted trusted solution package and execute arbitrary SQL commands. The attacker could escalate their privileges further and execute commands as the database owner."\n\n![](https://krebsonsecurity.com/wp-content/uploads/2022/09/lockdownmode.png)Not to be outdone, Apple fixed at least two zero-day vulnerabilities when it released updates for iOS, iPadOS, macOS and Safari. CVE-2022-32984 is a problem in the deepest recesses of the operating system (the kernel). Apple pushed [an emergency update](<https://nakedsecurity.sophos.com/2022/08/18/apple-patches-double-zero-day-in-browser-and-kernel-update-now/>) for a related zero-day last month in CVE-2022-32983, which could be used to foist malware on iPhones, iPads and Macs that visited a booby-trapped website.\n\nAlso listed under active attack is **CVE-2022-32817**, which has been fixed on macOS 12.6 (Monterey), macOS 11.7 (Big Sur), iOS 15.7 and iPadOS 15.7, and iOS 16. The same vulnerability [was fixed in Apple Watch in July 2022](<https://support.apple.com/en-us/HT213340>), and credits **Xinru Chi** of Japanese cybersecurity firm **Pangu Lab**.\n\n"Interestingly, this CVE is also listed in the advisory for iOS 16, but it is not called out as being under active exploit for that flavor of the OS," Trend Micro's Childs noted. "Apple does state in its iOS 16 advisory that 'Additional CVE entries to be added soon.' It\u2019s possible other bugs could also impact this version of the OS. Either way, it\u2019s time to update your Apple devices."\n\nApple's iOS 16 includes two new security and privacy features -- [Lockdown Mode](<https://www.apple.com/newsroom/2022/07/apple-expands-commitment-to-protect-users-from-mercenary-spyware/>) and [Safety Check](<https://support.apple.com/guide/personal-safety/how-safety-check-works-ips2aad835e1/web>). **Wired.com** describes Safety Check as a feature for users who are at risk for, or currently experiencing, domestic abuse.\n\n"The tool centralizes a number of controls in one place to make it easier for users to manage and revoke access to their location data and reset privacy-related permissions," [wrote](<https://www.wired.com/story/apple-ios-16-safety-check-lockdown-mode/>) **Lily Hay Newman**.\n\n"Lockdown Mode, on the other hand, is meant for users who potentially face targeted spyware attacks and aggressive state-backed hacking. The feature comprehensively restricts any nonessential iOS features so there are as few potential points of entry to a device as possible. As more governments and repressive entities around the world have begun purchasing powerful commodity spyware to target individuals of particular importance or interest, iOS's general security defenses haven't been able to keep pace with these specialized threats."\n\nTo turn on Lockdown Mode in iOS 16, go to **Settings**, then **Privacy and Security**, then **Lockdown Mode**. Safety Check is located in the same area.\n\nFinally, Adobe released [seven patches](<https://helpx.adobe.com/security.html>) addressing 63 security holes in **Adobe Experience Manager**, **Bridge**, **InDesign**, **Photoshop**, **InCopy**, **Animate**, and **Illustrator**. More on those updates is [here](<https://helpx.adobe.com/security.html>).\n\nDon't forget to back up your data and/or system before applying any security updates. If you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a decent chance other readers have experienced the same and may chime in here with useful tips.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-14T00:23:45", "type": "krebs", "title": "Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday", "bulletinFamily": "blog", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-24521", "CVE-2022-32817", "CVE-2022-32983", "CVE-2022-32984", "CVE-2022-34700", "CVE-2022-34718", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-35803", "CVE-2022-35805", "CVE-2022-37969"], "modified": "2022-09-14T00:23:45", "id": "KREBS:93C313996DC56B0E237DCF999BF438CB", "href": "https://krebsonsecurity.com/2022/09/wormable-flaw-0days-lead-sept-2022-patch-tuesday/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "qualysblog": [{"lastseen": "2022-10-03T20:04:30", "description": "# **Microsoft Patch Tuesday Summary**\n\nMicrosoft has fixed 63 vulnerabilities (aka flaws) in the September 2022 update, including five (5) vulnerabilities classified as **_Critical_** as they allow Remote Code Execution (RCE). This month's Patch Tuesday fixes two (2) zero-day vulnerabilities, with one (1) actively exploited***** in attacks (**[CVE-2022-37969](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969>)***,[ ](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30134>)**[CVE-2022-23960](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23960>)**). Earlier this month, on September 1-2, 2022, Microsoft also released a total of 16 Microsoft Edge (Chromium-Based) updates, one (1) addressing a Remote Code Execution (RCE) ([CVE-2022-38012](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38012>)) ranked _**Low**_.\n\nMicrosoft has fixed several flaws in its software, including Denial of Service, Elevation of Privilege, Information Disclosure, Microsoft Edge (Chromium-based), Remote Code Execution, and Security Feature Bypass.\n\n## **The September 2022 Microsoft Vulnerabilities are Classified as follows:**\n\n![](https://blog.qualys.com/wp-content/uploads/2022/09/2022-09_SEP-iMPACT-SEVERITY.png)\n\n# **Notable Microsoft Vulnerabilities Patched**\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-34718](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718>) | Windows TCP/IP Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 9.8/10.\n\nAn unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation More Likely_**\n\n* * *\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-34721](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721>), [CVE-2022-34722](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722>) | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 9.8/10.\n\nAn unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation. NOTE: This vulnerability_ only impacts IKEv1_. IKEv2 is not impacted. However, all Windows Servers are affected because they accept both V1 and V2 packets.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n# **Zero-Day Vulnerabilities Addressed**\n\nA vulnerability is classified as a zero-day if it is publicly disclosed or actively exploited with no official fix available.\n\n### [CVE-2022-37969](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969>) | Windows Common Log File System Driver Elevation of Privilege (EoP) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 7.8/10.\n\nAn attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code execution in cases where the attacker does not already have that ability on the target system.\n\nAn attacker who successfully exploited this vulnerability could gain SYSTEM privileges.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation More Likely_**\n\n* * *\n\n### [CVE-2022-23960](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23960>) | Windows Common Log File System Driver Elevation of Privilege (EoP) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of [5.6](<https://nvd.nist.gov/vuln/detail/CVE-2022-23960>)/10.\n\n[CVE-2022-23960](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960>) is regarding a vulnerability known as Spectre-BHB. MITRE created this CVE on behalf of Arm Limited.\n\nPlease see [Spectre-BHB on arm Developer](<https://developer.arm.com/Arm%20Security%20Center/Spectre-BHB>) for more information.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): _**Exploitation Less Likely**_\n\n* * *\n\n# **Microsoft Important Vulnerability Highlights**\n\nThis month\u2019s [advisory](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep>) covers multiple Microsoft product families, including Azure, Browser, Developer Tools, [Extended Security Updates (ESU)](<https://docs.microsoft.com/en-us/lifecycle/faq/extended-security-updates>), Microsoft Dynamics, Microsoft Office, System Center, and Windows.\n\nA total of 92 unique Microsoft products/versions are affected, including but not limited to .NET, Azure Arc, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Office, Microsoft Office SharePoint, SPNEGO Extended Negotiation, Visual Studio Code, Windows Common Log File System Driver, Windows Credential Roaming Service, Windows Defender, Windows Distributed File System (DFS), Windows DPAPI (Data Protection Application Programming Interface), Windows Enterprise App Management, Windows Event Tracing, Windows Group Policy, Windows IKE Extension, Windows Kerberos, Windows Kernel, Windows LDAP - Lightweight Directory Access Protocol, Windows ODBC Driver, Windows OLE, Windows Print Spooler Components, Windows Remote Access Connection Manager, Windows TCP/IP, and Windows Transport Security Layer (TLS).\n\nDownloads include Cumulative Update, Monthly Rollup, Security Hotpatch Update, Security Only, and Security Updates.\n\n* * *\n\n### [CVE-2022-38009](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38009>) | Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 8.8/10.\n\nIn a network-based attack, an authenticated attacker with Manage List permissions could execute code remotely on the SharePoint Server.\n\nThe attacker must be authenticated to the target site, with the permission to use Manage Lists within SharePoint.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-26929](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26929>) | .NET Framework Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 7.8/10.\n\nThe word **Remote** in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.\n\nFor example, when the score indicates that the **Attack Vector** is **Local** and **User Interaction** is **Required**, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047>)[CVE-2022-38007](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38007>) | Azure Guest Configuration and Azure Arc-enabled Servers Elevation of Privilege (EoP) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 7.8/10.\n\nAn attacker who successfully exploited the vulnerability could replace Microsoft-shipped code with their own code, which would then be run as root in the context of a Guest Configuration daemon. On an Azure VM with the Guest Configuration Linux Extension installed, this would run in the context of the GC Policy Agent daemon. On an Azure Arc-enabled server, it could run in the context of the GC Arc Service or Extension Service daemons.\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n## **Microsoft Edge | Last But Not Least**\n\nEarlier in September 2022, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities including [CVE-2022-38012](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38012>). The vulnerability assigned to the CVE is in the Chromium Open Source Software (OSS) which is consumed by Microsoft Edge. It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. For more information, please see [Security Update Guide Supports CVEs Assigned by Industry Partners](<https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/>).\n\n### [](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38012>)[CVE-2022-38012](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38012>) | Microsoft Edge (Chromium-based) Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 7.7/10.\n\nThe word **Remote** in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.\n\nFor example, when the score indicates that the **Attack Vector** is **Local** and **User Interaction** is **Required**, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.\n\nThis vulnerability could lead to a browser sandbox escape.\n\nSuccessful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.\n\nNOTE: [Per Microsoft's severity guidelines](<https://www.microsoft.com/en-us/msrc/bounty-new-edge>), the amount of user interaction or preconditions required to allow this sort of exploitation downgraded the severity. The CVSS scoring system doesn't allow for this type of nuance which explains why this CVE is rated as Low, but the CVSSv3.1 score is 7.7\n\n* * *\n\n# **Adobe Security Bulletins and Advisories**\n\nAdobe released seven (7) [security bulletins and advisories](<https://helpx.adobe.com/security/security-bulletin.html>) with updates to fix 63 vulnerabilities affecting Adobe Animate, Bridge, Illustrator, InCopy, InDesign, Photoshop, and Experience Manager applications. Of these 63 vulnerabilities, 35 are rated as **_[Critical](<https://helpx.adobe.com/security/severity-ratings.html>)_** and 28 rated as _****_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_****_; ranging in severity from a CVSS score of 5.3/10 to 7.8/10, as summarized below.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/09/2022-09_SEP-APSB-IMPACT-SEVERITY.png)\n\n* * *\n\n### [APSB22-40](<https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html>) | Security Update Available for Adobe Experience Manager\n\nThis update resolves 11 [_****__****_](<https://helpx.adobe.com/security/severity-ratings.html>)_****_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_****_ vulnerabilities.\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 3_\n\nAdobe has released updates for Adobe Experience Manager (AEM). These updates resolve vulnerabilities rated [Important](<https://helpx.adobe.com/security/severity-ratings.html>). Successful exploitation of these vulnerabilities could result in arbitrary code execution and security feature bypass.\n\n* * *\n\n### [APSB22-49](<https://helpx.adobe.com/security/products/bridge/apsb22-49.html>) | Security Update Available for Adobe Bridge\n\nThis update resolves 12 vulnerabilities:\n\n * Ten (10) [_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>)\n * Two (2) **_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): _3\n\nAdobe has released a security update for Adobe Bridge. This update addresses [critical](<https://helpx.adobe.com/security/severity-ratings.html>) and [important](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities that could lead to arbitrary code execution and memory leak.\n\n* * *\n\n### [APSB22-50](<https://helpx.adobe.com/security/products/indesign/apsb22-50.html>) | Security Update Available for Adobe InDesign\n\nThis update resolves 18 vulnerabilities:\n\n * Eight (8) [_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>)\n * Ten (10) **_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): _3\n\nAdobe has released a security update for Adobe InDesign. This update addresses multiple [critical ](<https://helpx.adobe.com/security/severity-ratings.html>)and [important](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities. Successful exploitation could lead to arbitrary code execution, arbitrary file system read, and memory leak.\n\n* * *\n\n### [APSB22-52](<https://helpx.adobe.com/security/products/photoshop/apsb22-52.html>) | Security Update Available for Adobe Photoshop\n\nThis update resolves ten (10) vulnerabilities:\n\n * Nine (9) [_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>)\n * One (1) **_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 3_\n\nAdobe has released an update for Photoshop for Windows and macOS. This update resolves [critical](<https://helpx.adobe.com/security/severity-ratings.html>) and [important](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak.\n\n* * *\n\n### [APSB22-53](<https://helpx.adobe.com/security/products/incopy/apsb22-53.html>) | Security Update Available for Adobe InCopy\n\nThis update resolves seven (7) vulnerabilities:\n\n * Five (5) [_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>)\n * Two (2) **_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 3_\n\nAdobe has released a security update for Adobe InCopy. This update addresses multiple [critical](<https://helpx.adobe.com/security/severity-ratings.html>) and [important](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. \n\n* * *\n\n### [APSB22-54](<https://helpx.adobe.com/security/products/animate/apsb22-54.html>) | Security Update Available for Adobe Animate\n\nThis update resolves two (2) [](<https://helpx.adobe.com/security/severity-ratings.html>)[_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities.\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 3_\n\nAdobe has released an update for Adobe Animate. This update resolves [critical](<https://helpx.adobe.com/security/severity-ratings.html>) vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. \n\n* * *\n\n### [APSB22-55](<https://helpx.adobe.com/security/products/illustrator/apsb22-55.html>) | Security Update Available for Adobe Illustrator\n\nThis update resolves three (3) vulnerabilities:\n\n * One (1) [_**Critical**_](<https://helpx.adobe.com/security/severity-ratings.html>)\n * Two (2) **_[Important](<https://helpx.adobe.com/security/severity-ratings.html>)_**\n\n_[Adobe Priority](<https://helpx.adobe.com/security/severity-ratings.html>): 3_\n\nAdobe has released an update for Adobe Illustrator 2022. This update resolves [critical ](<https://helpx.adobe.com/security/severity-ratings.html>)and [important ](<https://helpx.adobe.com/security/severity-ratings.html>)vulnerabilities that could lead to arbitrary code execution and memory leak.\n\n* * *\n\n# **About Qualys Patch Tuesday**\n\nQualys Patch Tuesday QIDs are published as [Security Alerts](<https://www.qualys.com/research/security-alerts/>) typically late in the evening on the day of [Patch Tuesday](<https://blog.qualys.com/tag/patch-tuesday>), followed later by the publication of the monthly queries for the [Unified Dashboard: 2022 Patch Tuesday (QID Based) Dashboard](<https://success.qualys.com/discussions/s/article/000006821>) by Noon on Wednesday.\n\n* * *\n\n## Qualys [Threat Protection](<https://www.qualys.com/apps/threat-protection/>) High-Rated Advisories from August to September 2022 Patch Tuesday Advisory\n\n_Sorted in Descending Order_\n\n * [Microsoft Patches Vulnerabilities 79 including 16 Microsoft Edge (Chromium-Based); with 2 Zero-days and 5 Critical in Patch Tuesday September 2022 Edition](<https://threatprotect.qualys.com/2022/09/14/microsoft-patches-vulnerabilities-79-including-16-microsoft-edge-chromium-based-with-2-zero-days-and-5-critical-in-patch-tuesday-september-2022-edition/>)\n * [Google Chrome Releases Fix for the Zero-day Vulnerability (CVE-2022-3075)](<https://threatprotect.qualys.com/2022/08/10/microsoft-patches-121-vulnerabilities-with-two-zero-days-and-17-critical-plus-20-microsoft-edge-chromium-based-in-august-2022-patch-tuesday/>)\n * [Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-36804)](<https://threatprotect.qualys.com/2022/08/29/atlassian-bitbucket-server-and-data-center-command-injection-vulnerability-cve-2022-36804/>)\n * [GitLab Patches Critical Remote Command Execution Vulnerability (CVE-2022-2884)](<https://threatprotect.qualys.com/2022/08/25/gitlab-patches-critical-remote-command-execution-vulnerability-cve-2022-2884/>)\n * [Apple Releases Security Updates to patch two Zero-Day Vulnerabilities (CVE-2022-32893 and CVE-2022-32894)](<https://threatprotect.qualys.com/2022/08/18/apple-releases-security-updates-to-patch-two-zero-day-vulnerabilities-cve-2022-32893-and-cve-2022-32894/>)\n * [Google Chrome Zero-Day Insufficient Input Validation Vulnerability (CVE-2022-2856)](<https://threatprotect.qualys.com/2022/08/18/google-chrome-zero-day-insufficient-input-validation-vulnerability-cve-2022-2856/>)\n * [Palo Alto Networks (PAN-OS) Reflected Amplification Denial-of-Service (DoS) Vulnerability (CVE-2022-0028)](<https://threatprotect.qualys.com/2022/08/16/palo-alto-networks-pan-os-reflected-amplification-denial-of-service-dos-vulnerability-cve-2022-0028/>)\n * [Microsoft Patches 121 Vulnerabilities with Two Zero-days and 17 Critical; Plus 20 Microsoft Edge (Chromium-Based) in August 2022 Patch Tuesday](<https://threatprotect.qualys.com/2022/08/10/microsoft-patches-121-vulnerabilities-with-two-zero-days-and-17-critical-plus-20-microsoft-edge-chromium-based-in-august-2022-patch-tuesday/>)\n * [VMware vRealize Operations Multiple Vulnerabilities Patched in the Latest Security update (CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, & CVE-2022-31675)](<https://threatprotect.qualys.com/2022/08/10/vmware-vrealize-operations-multiple-vulnerabilities-patched-in-the-latest-security-update-cve-2022-31672-cve-2022-31673-cve-2022-31674-cve-2022-31675/>)\n\n* * *\n\n## Discover and Prioritize Vulnerabilities in [Vulnerability Management Detection Response (VMDR)](<https://www.qualys.com/apps/vulnerability-management-detection-response/>) \n\nQualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its KnowledgeBase (KB). \n\nYou can see all your impacted hosts by these vulnerabilities using the following QQL query:\n \n \n vulnerabilities.vulnerability:( qid:`91937` OR qid:`91938` OR qid:`91939` OR qid:`91940` OR qid:`91941` OR qid:`91942` OR qid:`91943` OR qid:`91944` OR qid:`91945` OR qid:`91946` OR qid:`91947` OR qid:`110415` OR qid:`110416` OR qid:`377590` ) \n\n![](https://blog.qualys.com/wp-content/uploads/2022/09/VMDR-September2022-1070x488.png)\n\n![](https://blog.qualys.com/wp-content/uploads/2022/06/image-4.png) [Qualys VMDR Recognized as Best VM Solution by SC Awards 2022 & Leader by GigaOm](<https://blog.qualys.com/product-tech/2022/08/22/qualys-vmdr-recognized-as-best-vm-solution-by-sc-awards-2022-leader-by-gigaom>) **_New_**\n\n![](https://blog.qualys.com/wp-content/uploads/2022/06/image-4.png) [A Deep Dive into VMDR 2.0 with Qualys TruRisk\u2122](<https://blog.qualys.com/product-tech/2022/08/08/a-deep-dive-into-vmdr-2-0-with-qualys-trurisk>)\n\n* * *\n\n## Rapid Response with [Patch Management (PM)](<https://www.qualys.com/apps/patch-management/>)\n\nVMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the \u201cMissing\u201d patches to identify and deploy the applicable, available patches with one click.\n\nThe following QQL will return the missing patches for this Patch Tuesday:\n \n \n ( qid:`91937` OR qid:`91938` OR qid:`91939` OR qid:`91940` OR qid:`91941` OR qid:`91942` OR qid:`91943` OR qid:`91944` OR qid:`91945` OR qid:`91946` OR qid:`91947` OR qid:`110415` OR qid:`110416` OR qid:`377590` ) \n\n![](https://blog.qualys.com/wp-content/uploads/2022/09/PATCH-September2022-1070x488.png)\n\n![](https://blog.qualys.com/wp-content/uploads/2022/06/image-4.png) [Let Smart Automation Reduce the Risk of Zero-Day Attacks on Third-Party Applications](<https://blog.qualys.com/qualys-insights/2022/09/08/let-smart-automation-reduce-the-risk-of-zero-day-attacks-on-third-party-applications-2>) **_New_**\n\n![](https://blog.qualys.com/wp-content/uploads/2022/06/image-4.png) [Risk-based Remediation Powered by Patch Management in Qualys VMDR 2.0](<https://blog.qualys.com/product-tech/2022/06/22/risk-based-remediation-powered-by-patch-management-in-qualys-vmdr-2-0>)\n\n* * *\n\n## Evaluate Vendor-Suggested Workarounds with [Policy Compliance](<https://www.qualys.com/forms/policy-compliance/>)\n\nQualys\u2019 [Policy Compliance Control Library](<https://vimeo.com/700790353>) makes it easy to evaluate your technology infrastructure when the current situation requires the implementation of a vendor-suggested workaround. A workaround is a method, sometimes used temporarily, for achieving a task or goal when the usual or planned method isn't working. Information technology often uses a workaround to overcome hardware, programming, or communication problems. Once a problem is fixed, a workaround is usually abandoned. _ [Source](<https://www.techtarget.com/whatis/definition/workaround>)_\n\nThe following Qualys [Policy Compliance Control IDs (CIDs), and System Defined Controls (SDC) ](<https://qualysguard.qg2.apps.qualys.com/qwebhelp/fo_portal/module_pc/controls/controls_lp.htm>)have been updated to support Microsoft recommended workaround for this Patch Tuesday:\n\n#### [CVE-2022-38007](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38007>)** | Azure Guest Configuration and Azure Arc-enabled Servers Elevation of Privilege (EoP) Vulnerability**\n\nThis vulnerability has a CVSSv3.1 score of 7.8/10.\n\nPolicy Compliance Control IDs (CIDs) for Checking Azure Arc-Enabled Servers on Linux:\n\n * **14112**: Status of the services installed on the Linux/UNIX host (stopped, running, failed, dead, \u2026) \n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n#### [CVE-2022-34718](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718>)**** | ****Windows TCP/IP Remote Code Execution (RCE) Vulnerability\n\nThis vulnerability has a CVSSv3.1 score of 9.8/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * **3720**: Status of the 'IPSEC Services' service\n * **14916**: Status of Windows Services \n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation More Likely_**\n\n* * *\n\n#### [CVE-2022-35838](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35838>)****** | **HTTP V3 Denial of Service (DoS) Vulnerability****\n\nThis vulnerability has a CVSSv3.1 score of 7.5/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * **24717**: Status of the 'HTTP/3' service\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n#### [CVE-2022-33679 ](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33679>), [CVE-2022-33647](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33647>)**** | **Windows Kerberos Elevation of Privilege (EoP) Vulnerability**\n\nThese vulnerabilities have a CVSSv3.1 score of 8.1/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * **17108**: Status of the 'KDC support for claims, compound authentication and Kerberos armoring' setting (Enabled / Disabled)\n * **17109**: Status of the 'Kerberos client support for claims, compound authentication and Kerberos armoring' setting\n * **17197**: Status of the 'KDC support for claims, compound authentication, and Kerberos armoring' setting\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\n#### [CVE-2022-38004](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38004>) **| Windows Network File System Remote Code Execution (RCE) Vulnerability** \n\nThis vulnerability has a CVSSv3.1 score of 7.8/10.\n\nPolicy Compliance Control IDs (CIDs):\n\n * **1161**: Status of the 'Fax' service\n * **14916**: Status of Windows Services\n\n[Exploitability Assessment](<https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1>): **_Exploitation Less Likely_**\n\n* * *\n\nThe following QQL will return a posture assessment for the CIDs for this Patch Tuesday:\n \n \n control:( id:`1161` OR id:`3720` OR id:`14112` OR id:`14916` OR id:`14916` OR id:`17108` OR id:`17108` OR id:`17109` OR id:`17109` OR id:`17197` OR id:`17197` OR id:`24717` ) \n\n![](https://blog.qualys.com/wp-content/uploads/2022/09/PC-September2022-1070x488.png)\n\n![](https://blog.qualys.com/wp-content/uploads/2022/08/qualys-shield.jpg) [Mitigating the Risk of Zero-Day Vulnerabilities by using Compensating Controls](<https://blog.qualys.com/vulnerabilities-threat-research/2022/08/23/mitigating-the-risk-of-zero-day-vulnerabilities-by-using-compensating-controls>) **_New_**\n\n![](https://blog.qualys.com/wp-content/uploads/2022/08/qualys-shield.jpg) [Policy Compliance (PC) | Policy Library Update Blogs](<https://notifications.qualys.com/tag/policy-library>)\n\n* * *\n\n**Patch Tuesday is Complete.**\n\n* * *\n\n# Qualys [This Month in Vulnerabilities and Patches](<https://gateway.on24.com/wcc/eh/3347108/category/97049/patch-tuesday>) Webinar Series \n\n![This image has an empty alt attribute; its file name is image-1070x560.jpeg](https://blog.qualys.com/wp-content/uploads/2022/03/image-1070x560.jpeg)\n\nThe Qualys Research team hosts a monthly webinar series to help our existing customers leverage the seamless integration between Qualys[ Vulnerability Management Detection Response (VMDR)](<https://www.qualys.com/apps/vulnerability-management-detection-response/>) and Qualys [Patch Management](<https://www.qualys.com/apps/patch-management/>). Combining these two solutions can reduce the median time to remediate critical vulnerabilities. \n\nDuring the webcast, we will discuss this month\u2019s high-impact vulnerabilities, including those that are part of this month's Patch Tuesday alert. We will walk you through the necessary steps to address the key vulnerabilities using Qualys VMDR and Qualys Patch Management. \n\n* * *\n\n### **Join the webinar**\n\n## **This Month in Vulnerabilities & Patches**\n\n[Register Now](<https://gateway.on24.com/wcc/eh/3347108/category/97049/patch-tuesday>)\n\n* * *\n\n## NEW & NOTEWORTHY UPCOMING EVENTS\n\nThe content within this section will spotlight Vulnerability Management, Patch Management, Threat Protections, and Policy Compliance adjacent events available to our new and existing customers.\n\n* * *\n\n[WEBINARS](<https://gateway.on24.com/wcc/eh/3347108/category/91385/upcoming-webinars>)\n\n## [Introducing Qualys Threat Thursdays](<https://blog.qualys.com/vulnerabilities-threat-research/2022/09/01/introducing-qualys-threat-research-thursdays>)\n\n![](https://blog.qualys.com/wp-content/uploads/2022/10/ThreatThursday.png)\n\nThe **Qualys Research Team** announces the first in a series of regular monthly webinars covering the latest threat intelligence analysis and insight. Join us each month for Threat Thursdays, where we will zero in on a specific malware or other exploit observed in the wild\u2026 and how to defend against it.\n\nPlease join us for the first [Threat Thursdays](<https://event.on24.com/wcc/r/3925198/52A4000CBD17D2B16AFD5F56B3C9D15A>) monthly webinar where the Qualys Threat Research Team will present the latest threat intelligence\u2026 each and every month! \n\nTo quickly navigate to Threat Thursday blog posts, please use <https://blog.qualys.com/tag/threat-thursday>\n\n* * *\n\n[CONFERENCES](<https://www.qualys.com/qsc/locations/>)\n\n[![](https://blog.qualys.com/wp-content/uploads/2022/10/QSC2022LV.png)](<https://www.qualys.com/qsc/2022/las-vegas/?utm_source=qualys-homepage&utm_medium=event&utm_campaign=homepage-banner-qsc-2022&utm_term=qsc-q4-2022&utm_content=qualys-homepage-qsc&leadsource=344572821>)[Register Now](<https://www.qualys.com/qsc/2022/las-vegas/?utm_source=qualys-homepage&utm_medium=event&utm_campaign=homepage-banner-qsc-2022&utm_term=qsc-q4-2022&utm_content=qualys-homepage-qsc&leadsource=344572821>)\n\n## [Qualys Annual Security Conference](<https://www.qualys.com/qsc/get-notified/#las-vegas/>) #QSC22\n\nNovember 7-10, 2022 \n\nThe Venetian Resort Las Vegas, 3355 Las Vegas Blvd. South, Las Vegas, NV 89109, US\n\n[Book your hotel here](<https://book.passkey.com/gt/218594637?gtid=9914abda1b2fe722d872e0ac3e0bdc09>) & take advantage of the discounted QSC rate of $229+ per night\n\nOr find a conference [near you](<https://www.qualys.com/qsc/locations/>).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T20:00:00", "type": "qualysblog", "title": "September 2022 Patch Tuesday | Microsoft Releases 63 Vulnerabilities with 5 Critical, plus 16 Microsoft Edge (Chromium-Based); Adobe Releases 7 Advisories, 63 Vulnerabilities with 35 Critical.", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0028", "CVE-2022-22047", "CVE-2022-23960", "CVE-2022-26929", "CVE-2022-2856", "CVE-2022-2884", "CVE-2022-30134", "CVE-2022-3075", "CVE-2022-31672", "CVE-2022-31673", "CVE-2022-31674", "CVE-2022-31675", "CVE-2022-32893", "CVE-2022-32894", "CVE-2022-33647", "CVE-2022-33679", "CVE-2022-34718", "CVE-2022-34721", "CVE-2022-34722", "CVE-2022-35838", "CVE-2022-36804", "CVE-2022-37969", "CVE-2022-38004", "CVE-2022-38007", "CVE-2022-38009", "CVE-2022-38012"], "modified": "2022-09-13T20:00:00", "id": "QUALYSBLOG:DE2E40D3BB574E53C7448F3A304849C9", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "mskb": [{"lastseen": "2023-01-13T10:51:25", "description": "None\n## Summary\n\nThis security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint remote code execution vulnerability. To learn more about the vulnerabilities, see the following security advisories:\n\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-37961](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37961>)\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-38008](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38008>)\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-38009](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38009>)\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-35823](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35823>)\n\n**Notes: **\n\n * This is build **16.0.10390.20000** of the security update package.\n * To apply this security update, you must have the release version of Microsoft SharePoint Server 2019 installed on the computer.\n\n## Improvements and fixes\n\nThis security update contains a fix for the following nonsecurity issue in SharePoint Server 2019:\n\n * Fixes an issue in which the Language Detection feature uses the wrong hint during content processing.\nThis security update also contains an improvement and fixes the following nonsecurity issues. To enable the new feature and fix these issues completely, you have to install KB 5002257 together with this update.\n\n * Adds a new feature for SharePoint Server 2019 End of Support Notification.\n * Fixes an issue in which you cannot rename a file or folder if the URL contains double-byte characters.\n * Fixes an issue in which the left navigation pane or the Quick Launch menu is missing because of missing \"version hash\" for JavaScript files.\n * Fixes an issue in which the web part renders incorrectly because of lazy loading in modern pages.\n * Fixes an issue in which you cannot set list item properties after you replace a document of the same name.\n * Fixes an issue in which the \"people\" column (for the **Person or Group** column type) displays the User ID instead of the name if any required fields are not filled.\nThis security update also contains a fix in Project Server:\n * Fixes an issue in which you may not be able to update resources by using the client-side object model (CSOM) if a remote event handler is attached to a resource event, such as Resource Changing.\n\n## Known issues in this update\n\n * Some Web Part Pages Web Service methods may be affected after you apply the September 2022 security update. For more information, see Web Part Pages Web Service methods may be blocked after applying the September 2022 security update for SharePoint Server (KB5017733).\n * Some SharePoint 2010 workflow scenarios may be blocked. For more information, see SharePoint 2010 workflows may be blocked by enhanced security policy (KB5017760).\n * This security update introduces a change in SharePoint Server that will affect customers who use the Document Generation capability in Nintex Workflow. Nintex Workflow customers must take additional action after this security update is installed to make sure that workflows can be published and run. For more information, see <https://go.microsoft.com/fwlink/?LinkId=2206156>. For support for Nintex Workflow, contact Nintex.\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5002258>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.\n\n * [Download security update 5002258 for the 64-bit version of SharePoint Server 2019](<http://www.microsoft.com/download/details.aspx?familyid=df4dec61-80ba-4027-8bca-07c92570f48e>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [Deployments - Security Update Guide](<https://msrc.microsoft.com/update-guide/deployments>).\n\n### Security update replacement information\n\nThis security update replaces previously released security update [5002212](<http://support.microsoft.com/kb/5002212>).\n\n### File hash information\n\nFile name| SHA256 hash \n---|--- \nsts2019-kb5002258-fullfile-x64-glb.exe| E9A1958AC9771ABB3DF02AB094ED61C08C1C508E6EA6F290525F1D7F502F9F0D \n \n### File information\n\nThe English (United States) version of this software update installs files that have the attributes that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n#### \n\n__\n\nFor all supported x64-based versions of SharePoint Server 2019\n\nFile identifier| File name| File version| File size| Date| Time \n---|---|---|---|---|--- \nvideothumbnailer.exe| videothumbnailer.exe| 16.0.10390.20000| 23984| 16-Aug-22| 04:43 \ndlcworkflowactions_dll| microsoft.office.workflow.actions.dll| 16.0.10390.20000| 153520| 16-Aug-22| 04:43 \ndlcworkflowactionsvs_dll| microsoft.office.workflow.actions.dll| 16.0.10390.20000| 153520| 16-Aug-22| 04:43 \nmicrosoft.office.workflow.feature.dll| microsoft.office.workflow.feature.dll| 16.0.10390.20000| 33712| 16-Aug-22| 04:43 \nmicrosoft.office.workflow.pages.dll| microsoft.office.workflow.pages.dll| 16.0.10390.20000| 93104| 16-Aug-22| 04:43 \ndlc.workflow.routing.dll| microsoft.office.workflow.routing.dll| 16.0.10390.20000| 124336| 16-Aug-22| 04:43 \ndlc.workflow.tasks.dll| microsoft.office.workflow.tasks.dll| 16.0.10390.20000| 45472| 16-Aug-22| 04:43 \ndlc.workflow.tasks.dll2| microsoft.office.workflow.tasks.dll| 16.0.10390.20000| 45472| 16-Aug-22| 04:43 \nmicrosoft.office.workflowsoap.dll| microsoft.office.workflowsoap.dll| 16.0.10390.20000| 57248| 16-Aug-22| 04:43 \ndw20.exe_0001| dw20.exe| 16.0.10390.20000| 2139608| 16-Aug-22| 02:27 \ndwtrig20.exe| dwtrig20.exe| 16.0.10390.20000| 319976| 16-Aug-22| 02:27 \nmicrosoft.office.server.directory| microsoft.office.server.directory.dll| 16.0.10390.20000| 1375712| 16-Aug-22| 02:25 \nppt.conversion.gkpowerpoint.dll| gkpowerpoint.dll| 16.0.10390.20000| 3488704| 16-Aug-22| 02:24 \nwac.word.gkword.dll| gkword.dll| 16.0.10390.20000| 4608976| 16-Aug-22| 02:24 \nwdsrv.conversion.gkword.dll| gkword.dll| 16.0.10390.20000| 4608976| 16-Aug-22| 02:24 \nconversion.office.gfxserver.dll| gfxserver.dll| 16.0.10390.20000| 5278672| 16-Aug-22| 02:25 \nppt.conversion.gfxserver.dll| gfxserver.dll| 16.0.10390.20000| 5278672| 16-Aug-22| 02:25 \nppt.edit.gfxserver.dll| gfxserver.dll| 16.0.10390.20000| 5278672| 16-Aug-22| 02:25 \nwac.office.gfxserver.dll| gfxserver.dll| 16.0.10390.20000| 5278672| 16-Aug-22| 02:25 \nconversion.igxserver.dll| igxserver.dll| 16.0.10390.20000| 12130232| 16-Aug-22| 02:29 \nppt.conversion.igxserver.dll| igxserver.dll| 16.0.10390.20000| 12130232| 16-Aug-22| 02:29 \nppt.edit.igxserver.dll| igxserver.dll| 16.0.10390.20000| 12130232| 16-Aug-22| 02:29 \nwac.office.igxserver.dll| igxserver.dll| 16.0.10390.20000| 12130232| 16-Aug-22| 02:29 \nsltemp.asc| sldlibtemplates.ascx| | 12554| 16-Aug-22| 02:29 \nsldlib.js| sldlib.js| | 29295| 16-Aug-22| 02:26 \neditdlg.htm_slfeat| editdlg.htm| | 4796| 16-Aug-22| 02:25 \nfiledlg.htm_slfeat| filedlg.htm| | 3344| 16-Aug-22| 02:25 \nclientx.dll| microsoft.office.sharepoint.clientextensions.dll| 16.0.10390.20000| 382944| 16-Aug-22| 02:29 \nclientxr.dll.x64| microsoft.office.sharepoint.clientextensions.dll| 16.0.10390.20000| 382944| 16-Aug-22| 02:29 \nmicrosoft.office.server.chart.dll| microsoft.office.server.chart.dll| 16.0.10390.20000| 615888| 16-Aug-22| 02:29 \nmicrosoft.office.server.chart_gac.dll| microsoft.office.server.chart.dll| 16.0.10390.20000| 615888| 16-Aug-22| 02:29 \nas_adal_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| adal.dll| | 1456656| 9-Aug-22| 06:11 \nas_adal_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| adal.dll| | 1784544| 9-Aug-22| 06:11 \nas_azureclient_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| microsoft.analysisservices.azureclient.dll| | 316496| 9-Aug-22| 06:11 \nas_azureclient_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| microsoft.analysisservices.azureclient.dll| | 316496| 9-Aug-22| 06:12 \nas_client_db2v0801_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| db2v0801.xsl| | 30717| 9-Aug-22| 06:12 \nas_client_db2v0801_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| db2v0801.xsl| | 30717| 9-Aug-22| 06:12 \nas_client_hive_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| hive.xsl| | 81782| 9-Aug-22| 06:12 \nas_client_hive_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| hive.xsl| | 81782| 9-Aug-22| 06:12 \nas_client_msql_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msql.xsl| | 128792| 9-Aug-22| 06:11 \nas_client_msql_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msql.xsl| | 128792| 9-Aug-22| 06:11 \nas_client_orcl7_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| orcl7.xsl| | 95739| 9-Aug-22| 06:11 \nas_client_orcl7_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| orcl7.xsl| | 95739| 9-Aug-22| 06:11 \nas_client_sqlpdw_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sqlpdw.xsl| | 105635| 9-Aug-22| 06:11 \nas_client_sqlpdw_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sqlpdw.xsl| | 105635| 9-Aug-22| 06:11 \nas_client_trdtv2r41_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| trdtv2r41.xsl| | 105800| 9-Aug-22| 06:11 \nas_client_trdtv2r41_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| trdtv2r41.xsl| | 105800| 9-Aug-22| 06:11 \nas_client_xmsrv_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmsrv.dll| | 35081808| 9-Aug-22| 06:12 \nas_client_xmsrv_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmsrv.dll| | 25498704| 9-Aug-22| 06:11 \nas_clientas80_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| as80.xsl| | 17484| 9-Aug-22| 06:11 \nas_clientas80_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| as80.xsl| | 17484| 9-Aug-22| 06:11 \nas_clientas90_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| as90.xsl| | 20021| 9-Aug-22| 06:11 \nas_clientas90_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| as90.xsl| | 20021| 9-Aug-22| 06:11 \nas_clientinformix_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| informix.xsl| | 32145| 9-Aug-22| 06:12 \nas_clientinformix_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| informix.xsl| | 32145| 9-Aug-22| 06:12 \nas_clientmsjet_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msjet.xsl| | 30427| 9-Aug-22| 06:11 \nas_clientmsjet_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msjet.xsl| | 30427| 9-Aug-22| 06:11 \nas_clientmsmgdsrv_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msmgdsrv.dll| | 7638824| 9-Aug-22| 06:11 \nas_clientmsmgdsrv_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msmgdsrv.dll| | 9328720| 9-Aug-22| 06:12 \nas_clientsql120_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql120.xsl| | 135247| 9-Aug-22| 06:11 \nas_clientsql120_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql120.xsl| | 135247| 9-Aug-22| 06:11 \nas_clientsql2000_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql2000.xsl| | 35014| 9-Aug-22| 06:11 \nas_clientsql2000_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql2000.xsl| | 35014| 9-Aug-22| 06:11 \nas_clientsql70_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql70.xsl| | 33181| 9-Aug-22| 06:12 \nas_clientsql70_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql70.xsl| | 33181| 9-Aug-22| 06:12 \nas_clientsql90_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql90.xsl| | 136426| 9-Aug-22| 06:12 \nas_clientsql90_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sql90.xsl| | 136426| 9-Aug-22| 06:12 \nas_clientsybase_xsl_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sybase.xsl| | 30964| 9-Aug-22| 06:11 \nas_clientsybase_xsl_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sybase.xsl| | 30964| 9-Aug-22| 06:11 \nas_msmdlocal_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msmdlocal.dll| | 45813840| 9-Aug-22| 06:12 \nas_msmdlocal_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msmdlocal.dll| | 63495968| 9-Aug-22| 06:13 \nas_msolap_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msolap.dll| | 7999272| 9-Aug-22| 06:13 \nas_msolap_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msolap.dll| | 10331936| 9-Aug-22| 06:13 \nas_msolui_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msolui.dll| | 292128| 9-Aug-22| 06:11 \nas_msolui_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| msolui.dll| | 312616| 9-Aug-22| 06:11 \nas_sqldumper_exe_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sqldumper.exe| | 147560| 9-Aug-22| 06:12 \nas_sqldumper_exe_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| sqldumper.exe| | 172368| 9-Aug-22| 06:12 \nas_xmlrw_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmlrw.dll| | 289376| 9-Aug-22| 06:11 \nas_xmlrw_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmlrw.dll| | 333928| 9-Aug-22| 06:12 \nas_xmlrwbin_dll_32.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmlrwbin.dll| | 194152| 9-Aug-22| 06:12 \nas_xmlrwbin_dll_64.b77a7d1e_2d54_42cb_81a8_c5262ccc792b| xmlrwbin.dll| | 224864| 9-Aug-22| 06:12 \nconversion.office.mso99lres.dll| mso99lres.dll| 16.0.10390.20000| 14981576| 16-Aug-22| 02:29 \nppt.conversion.mso99lres.dll| mso99lres.dll| 16.0.10390.20000| 14981576| 16-Aug-22| 02:29 \nppt.edit.mso99lres.dll| mso99lres.dll| 16.0.10390.20000| 14981576| 16-Aug-22| 02:29 \nwac.office.mso99lres.dll| mso99lres.dll| 16.0.10390.20000| 14981576| 16-Aug-22| 02:29 \nconversion.office.mso20win32server.dll| mso20win32server.dll| 16.0.10390.20000| 4418000| 16-Aug-22| 02:26 \nmso.mso20win32server.dll| mso20win32server.dll| 16.0.10390.20000| 4418000| 16-Aug-22| 02:26 \nppt.conversion.mso20win32server.dll| mso20win32server.dll| 16.0.10390.20000| 4418000| 16-Aug-22| 02:26 \nppt.edit.mso20win32server.dll| mso20win32server.dll| 16.0.10390.20000| 4418000| 16-Aug-22| 02:26 \nwac.office.mso20win32server.dll| mso20win32server.dll| 16.0.10390.20000| 4418000| 16-Aug-22| 02:26 \nconversion.office.mso30win32server.dll| mso30win32server.dll| 16.0.10390.20000| 5586368| 16-Aug-22| 02:26 \nmso.mso30win32server.dll| mso30win32server.dll| 16.0.10390.20000| 5586368| 16-Aug-22| 02:26 \nppt.conversion.mso30win32server.dll| mso30win32server.dll| 16.0.10390.20000| 5586368| 16-Aug-22| 02:26 \nppt.edit.mso30win32server.dll| mso30win32server.dll| 16.0.10390.20000| 5586368| 16-Aug-22| 02:26 \nwac.office.mso30win32server.dll| mso30win32server.dll| 16.0.10390.20000| 5586368| 16-Aug-22| 02:26 \nconversion.office.mso40uiwin32server.dll| mso40uiwin32server.dll| 16.0.10390.20000| 12499896| 16-Aug-22| 02:29 \nppt.conversion.mso40uiwin32server.dll| mso40uiwin32server.dll| 16.0.10390.20000| 12499896| 16-Aug-22| 02:29 \nppt.edit.mso40uiwin32server.dll| mso40uiwin32server.dll| 16.0.10390.20000| 12499896| 16-Aug-22| 02:29 \nwac.office.mso40uiwin32server.dll| mso40uiwin32server.dll| 16.0.10390.20000| 12499896| 16-Aug-22| 02:29 \nconversion.office.mso98win32server.dll| mso98win32server.dll| 16.0.10390.20000| 3954624| 16-Aug-22| 02:26 \nppt.conversion.mso98win32server.dll| mso98win32server.dll| 16.0.10390.20000| 3954624| 16-Aug-22| 02:26 \nppt.edit.mso98win32server.dll| mso98win32server.dll| 16.0.10390.20000| 3954624| 16-Aug-22| 02:26 \nwac.office.mso98win32server.dll| mso98win32server.dll| 16.0.10390.20000| 3954624| 16-Aug-22| 02:26 \nconversion.office.msoserver.dll| msoserver.dll| 16.0.10390.20000| 14487488| 16-Aug-22| 02:29 \nppt.conversion.msoserver.dll| msoserver.dll| 16.0.10390.20000| 14487488| 16-Aug-22| 02:29 \nppt.edit.msoserver.dll| msoserver.dll| 16.0.10390.20000| 14487488| 16-Aug-22| 02:29 \nwac.office.msoserver.dll| msoserver.dll| 16.0.10390.20000| 14487488| 16-Aug-22| 02:29 \nconversion.office.msores.dll| msores.dll| 16.0.10390.20000| 73690064| 16-Aug-22| 02:29 \nppt.conversion.msores.dll| msores.dll| 16.0.10390.20000| 73690064| 16-Aug-22| 02:29 \nppt.edit.msores.dll| msores.dll| 16.0.10390.20000| 73690064| 16-Aug-22| 02:29 \nwac.office.msores.dll| msores.dll| 16.0.10390.20000| 73690064| 16-Aug-22| 02:29 \nmicrosoft.office.web.environment.officeserver.dll| microsoft.office.web.environment.officeserver.dll| 16.0.10390.20000| 63456| 16-Aug-22| 02:29 \nmicrosoft.office.web.common.dll| microsoft.office.web.common.dll| 16.0.10390.20000| 1974200| 16-Aug-22| 02:29 \nnl7data0011.dll_osssearch| nl7data0011.dll| 16.0.10390.20000| 7783928| 16-Aug-22| 02:29 \nnl7data0404.dll_osssearch| nl7data0404.dll| 16.0.10390.20000| 2709536| 16-Aug-22| 02:29 \nnl7data0804.dll_osssearch| nl7data0804.dll| 16.0.10390.20000| 3589136| 16-Aug-22| 02:29 \nprm0009.bin_osssearch| prm0009.bin| | 13237760| 16-Aug-22| 02:29 \nconversion.oartodfserver.dll| oartodfserver.dll| 16.0.10390.20000| 3556800| 16-Aug-22| 02:29 \nppt.conversion.oartodfserver.dll| oartodfserver.dll| 16.0.10390.20000| 3556800| 16-Aug-22| 02:29 \nppt.edit.oartodfserver.dll| oartodfserver.dll| 16.0.10390.20000| 3556800| 16-Aug-22| 02:29 \nwac.office.oartodfserver.dll| oartodfserver.dll| 16.0.10390.20000| 3556800| 16-Aug-22| 02:29 \nconversion.office.oartserver.dll| oartserver.dll| 16.0.10390.20000| 18205632| 16-Aug-22| 02:29 \nppt.conversion.oartserver.dll| oartserver.dll| 16.0.10390.20000| 18205632| 16-Aug-22| 02:29 \nppt.edit.oartserver.dll| oartserver.dll| 16.0.10390.20000| 18205632| 16-Aug-22| 02:29 \nwac.office.oartserver.dll| oartserver.dll| 16.0.10390.20000| 18205632| 16-Aug-22| 02:29 \nmicrosoft.office.connectedservices.identity.dll| microsoft.office.connectedservices.identity.dll| 16.0.10390.20000| 63952| 16-Aug-22| 02:29 \noss.queryboxd_js| querybox.all.debug.js| | 1872056| 9-Aug-22| 06:08 \noss.querybox_js| querybox.all.js| | 268608| 9-Aug-22| 06:08 \nconversion.cultures.office.odf| office.odf| | 2225616| 16-Aug-22| 02:29 \noffice.odf| office.odf| | 2225616| 16-Aug-22| 02:29 \nppt.conversion.cultures.office.odf| office.odf| | 2225616| 16-Aug-22| 02:29 \nvisioserver.cultures.office.odf| office.odf| | 2225616| 16-Aug-22| 02:29 \nwac.conversion.cultures.office.odf| office.odf| | 2225616| 16-Aug-22| 02:29 \nwac.powerpoint.edit.bin.cultures.office.odf| office.odf| | 2225616| 16-Aug-22| 02:29 \nxlsrv.ecs.culture.office.odf| office.odf| | 2225616| 16-Aug-22| 02:29 \nxlsrv.ecs.office.odf| office.odf| | 2225616| 16-Aug-22| 02:29 \nhtmlchkr.dll.x64| htmlchkr.dll| 16.0.10390.20000| 1150408| 16-Aug-22| 02:26 \nconversionhtmlutil.dll| htmlutil.dll| 16.0.10390.20000| 2856400| 16-Aug-22| 02:26 \nbusdata.dll| microsoft.businessdata.dll| 16.0.10390.20000| 132072| 16-Aug-22| 02:26 \nbusdatar.dll.x64| microsoft.businessdata.dll| 16.0.10390.20000| 132072| 16-Aug-22| 02:26 \nmicrosoft_web_design_server.dll| microsoft.web.design.server.dll| 16.0.10390.20000| 398320| 16-Aug-22| 02:26 \nonetnative.dll| onetnative.dll| 16.0.10390.20000| 812992| 16-Aug-22| 02:26 \nonetnative_1.dll| onetnative.dll| 16.0.10390.20000| 812992| 16-Aug-22| 02:26 \nonetutil.dll| onetutil.dll| 16.0.10390.20000| 2867152| 16-Aug-22| 02:26 \nconversion.office.osfserver.dll| osfserver.dll| 16.0.10390.20000| 165824| 16-Aug-22| 02:26 \nwac.office.osfserver.dll| osfserver.dll| 16.0.10390.20000| 165824| 16-Aug-22| 02:26 \nconversion.office.osfsharedserver.dll| osfsharedserver.dll| 16.0.10390.20000| 739280| 16-Aug-22| 02:26 \nwac.office.osfsharedserver.dll| osfsharedserver.dll| 16.0.10390.20000| 739280| 16-Aug-22| 02:26 \nconversion.office.osfuiserver.dll| osfuiserver.dll| 16.0.10390.20000| 488888| 16-Aug-22| 02:26 \nwac.office.osfuiserver.dll| osfuiserver.dll| 16.0.10390.20000| 488888| 16-Aug-22| 02:26 \nosfserver_activities_dll.x64| microsoft.sharepoint.workflowservices.activities.dll| 16.0.10390.20000| 287192| 16-Aug-22| 02:26 \nosfserver_workflow_dll| microsoft.sharepoint.workflowservices.dll| 16.0.10390.20000| 499696| 16-Aug-22| 02:26 \nosfextap.dll| microsoft.sharepoint.officeextension.applicationpages.dll| 16.0.10390.20000| 17376| 16-Aug-22| 02:29 \noffice_extension_manager_js| sp.officeextensionmanager.js| | 53407| 16-Aug-22| 02:29 \nmicrosoft.office.serviceinfrastructure.runtime.dll| microsoft.office.serviceinfrastructure.runtime.dll| 16.0.10390.20000| 1054208| 16-Aug-22| 02:27 \nosrvadml.xml| officeserveradminlinks.xml| | 3483| 9-Aug-22| 06:03 \nugcdot.xml| feature.xml| | 629| 9-Aug-22| 06:09 \nmicrosoft.office.server.directory.sharepoint| microsoft.office.server.directory.sharepoint.dll| 16.0.10390.20000| 748520| 16-Aug-22| 02:26 \nmicrosoft.office.server.dll| microsoft.office.server.dll| 16.0.10390.20000| 3043760| 16-Aug-22| 02:26 \nmicrosoft.office.server.dll_isapi| microsoft.office.server.dll| 16.0.10390.20000| 3043760| 16-Aug-22| 02:26 \nmicrosoft.office.server.filtercontrols.dll| microsoft.office.server.filtercontrols.dll| 16.0.10390.20000| 159184| 16-Aug-22| 02:26 \nmicrosoft.office.server.importprofileproperties| microsoft.office.server.importprofileproperties.dll| 16.0.10390.20000| 78832| 16-Aug-22| 02:26 \nosrvintl.dll| microsoft.office.server.intl.dll| 16.0.10390.20000| 288736| 16-Aug-22| 02:26 \nmicrosoft.office.server.openxml.dll| microsoft.office.server.openxml.dll| 16.0.10390.20000| 1659328| 16-Aug-22| 02:26 \nmicrosoft.office.server.userprofiles.dll| microsoft.office.server.userprofiles.dll| 16.0.10390.20000| 5338072| 16-Aug-22| 02:26 \nmicrosoft.office.server.userprofiles.dll_isapi| microsoft.office.server.userprofiles.dll| 16.0.10390.20000| 5338072| 16-Aug-22| 02:26 \nmicrosoft.sharepoint.taxonomy.dll| microsoft.sharepoint.taxonomy.dll| 16.0.10390.20000| 1745368| 16-Aug-22| 02:26 \nmicrosoft.sharepoint.taxonomy.dll_gac| microsoft.sharepoint.taxonomy.dll| 16.0.10390.20000| 1745368| 16-Aug-22| 02:26 \nmicrosoft.sharepoint.taxonomy.dll_gac1| microsoft.sharepoint.taxonomy.dll| 16.0.10390.20000| 1745368| 16-Aug-22| 02:26 \nmicrosoft.office.server.userprofiles.proxy.dll| microsoft.office.server.userprofiles.dll| 16.0.10390.20000| 1467384| 16-Aug-22| 02:29 \nscriptresources.rsx| scriptresources.resx| | 18203| 16-Aug-22| 02:26 \nscriptforwebtaggingui.js| scriptforwebtaggingui.js| | 132939| 9-Aug-22| 06:03 \nsp.ui.taxonomy.js| sp.ui.taxonomy.js| | 46516| 9-Aug-22| 06:03 \newafieldlist.png| ewafieldlist.png| | 3210| 6-Aug-19| 10:21 \newanov.png| ewanov.png| | 6857| 6-Aug-19| 10:21 \newaribbonchart.png| ewaribbonchart.png| | 13248| 6-Aug-19| 10:21 \newaribboninsert.png| ewaribboninsert.png| | 46008| 6-Aug-19| 10:21 \newaribbonview.png| ewaribbonview.png| | 1940| 6-Aug-19| 10:21 \newaanth.gif| ewaanth.gif| | 216| 6-Aug-19| 10:22 \newaantv.gif| ewaantv.gif| | 213| 6-Aug-19| 10:22 \newr023.gif| ewr023.gif| | 908| 6-Aug-19| 10:22 \nfavicon_excel.ico| favicon_excel.ico| | 8958| 6-Aug-19| 10:22 \nopenfromurl.web.favicon_excel.ico| favicon_excel.ico| | 8958| 6-Aug-19| 10:22 \nmediaplayer.xap| mediaplayer.xap| | 55190| 16-Aug-22| 05:05 \ndecompositiontree.xap| decompositiontree.xap| | 121775| 16-Aug-22| 05:05 \naddgal.xap| addgallery.xap| | 423416| 16-Aug-22| 05:05 \nwpgalim.xap| webpartgalleryimages.xap| | 110797| 16-Aug-22| 05:05 \naddgallery.xap_silverlight| addgallery.xap| | 389657| 16-Aug-22| 05:05 \nmicrosoft.sharepoint.client.xap| microsoft.sharepoint.client.xap| | 324260| 16-Aug-22| 05:05 \ndsigres.cab.x64| dsigres.cab| | 233647| 16-Aug-22| 05:05 \ndsigres.cab.x64_10266| dsigres.cab| | 233647| 16-Aug-22| 05:05 \ndsigres.cab.x64_1033| dsigres.cab| | 233647| 16-Aug-22| 05:05 \ndsigres.cab.x64_1087| dsigres.cab| | 233647| 16-Aug-22| 05:05 \ndsigctrl.cab.x64| dsigctrl.cab| | 483471| 16-Aug-22| 05:05 \ndsigres.cab.x86| dsigres.cab| | 195781| 16-Aug-22| 05:07 \ndsigres.cab.x86_10266| dsigres.cab| | 195781| 16-Aug-22| 05:07 \ndsigres.cab.x86_1033| dsigres.cab| | 195781| 16-Aug-22| 05:07 \ndsigres.cab.x86_1087| dsigres.cab| | 195781| 16-Aug-22| 05:07 \ndsigctrl.cab.x86| dsigctrl.cab| | 530533| 16-Aug-22| 05:07 \nmossbi.wfe.gac.scorecards.client.dll| microsoft.performancepoint.scorecards.client.dll| 16.0.10390.20000| 2234888| 16-Aug-22| 02:29 \nmossbi.wfe.gac.scorecards.servercommon.dll| microsoft.performancepoint.scorecards.servercommon.dll| 16.0.10390.20000| 334864| 16-Aug-22| 02:29 \nmossbi.wfe.gac.scorecards.webcontrols.dll| microsoft.performancepoint.scorecards.webcontrols.dll| 16.0.10390.20000| 346120| 16-Aug-22| 02:29 \nppt.conversion.ppserver.dll| ppserver.dll| 16.0.10390.20000| 12355032| 16-Aug-22| 02:29 \nppt.edit.ppserver.dll| ppserver.dll| 16.0.10390.20000| 12355032| 16-Aug-22| 02:29 \nppt.conversion.webclient.config| client.config| | 2059| 9-Aug-22| 06:04 \nppt.conversion.web.config| web.config| | 3375| 9-Aug-22| 06:04 \nmicrosoft.office.server.powerpoint.dll| microsoft.office.server.powerpoint.dll| 16.0.10390.20000| 110048| 16-Aug-22| 02:27 \npowerpointpowershell.format.ps1xml| powerpointpowershell.format.ps1xml| | 15997| 9-Aug-22| 06:10 \npjintl_1_new.dll| pjintl.dll| 16.0.10390.20000| 4899800| 16-Aug-22| 02:27 \nschedengine_new.exe| schedengine.exe| 16.0.10390.20000| 16475112| 16-Aug-22| 02:28 \nmicrosoft.projectserver.client.silverlight.dll| microsoft.projectserver.client.silverlight.dll| 16.0.10390.20000| 397264| 16-Aug-22| 02:29 \nmicrosoft.projectserver.client.phone.dll| microsoft.projectserver.client.phone.dll| 16.0.10390.20000| 397240| 16-Aug-22| 02:27 \ncontentdatabasecreate.sql| contentdatabasecreate.sql| | 8503298| 16-Aug-22| 02:27 \nmicrosoft.office.project.schema.dll| microsoft.office.project.schema.dll| 16.0.10390.20000| 6845368| 16-Aug-22| 02:26 \nmicrosoft.office.project.server.communications.dll| microsoft.office.project.server.communications.dll| 16.0.10390.20000| 372672| 16-Aug-22| 02:26 \nmicrosoft.office.project.server.communications.internal.dll| microsoft.office.project.server.communications.internal.dll| 16.0.10390.20000| 762832| 16-Aug-22| 02:26 \nmicrosoft.office.project.server.database.dll| microsoft.office.project.server.database.dll| 16.0.10390.20000| 10476480| 16-Aug-22| 02:26 \nmicrosoft.office.project.server.database.extension.dll| microsoft.office.project.server.database.extension.dll| 16.0.10390.20000| 4397520| 16-Aug-22| 02:26 \nmicrosoft.office.project.server.dll| microsoft.office.project.server.dll| 16.0.10390.20000| 9624008| 16-Aug-22| 02:26 \nmicrosoft.office.project.server.events.receivers.dll| microsoft.office.project.server.events.receivers.dll| 16.0.10390.20000| 239040| 16-Aug-22| 02:26 \nsdk.microsoft.office.project.server.events.receivers.dll| microsoft.office.project.server.events.receivers.dll| 16.0.10390.20000| 239040| 16-Aug-22| 02:26 \nmicrosoft.office.project.server.events.remote.dll| microsoft.office.project.server.events.remote.dll| 16.0.10390.20000| 60368| 16-Aug-22| 02:26 \nsts_spclientnewuxc2afa7d8529997c56a4e51d04983e222| accdb_96x2_f19a240c216041f8340b2359f6e29f04.png| | 2803| 8-Aug-22| 12:52 \nsts_spclientnewux2ed5d89277491e397d6ec3b71250fae1| accdb_96x3_8e8b5adf844ef4312e7d931766334f45.png| | 3608| 8-Aug-22| 12:52 \nsts_spclientnewux14c8fe43cdc82d9d166d701bd836b8ec| access_16x1_5_6948cb3cea4684b50b85de45f9b82037.png| | 563| 8-Aug-22| 12:52 \nsts_spclientnewux3c2fdf4bd33157d4a3386eefb4744580| access_16x1_653b762c1ed72b0cd5b2164c7a35061d.png| | 420| 8-Aug-22| 12:52 \nsts_spclientnewuxd8f6bfd86b57ea434499bd89e9f22486| access_16x2_5b6264abef342b1f7dc79a4dee157bba.png| | 748| 8-Aug-22| 12:52 \nsts_spclientnewux6890f53aa7f13964d849f8ec6de01de2| access_16x3_b551babd1e8a6affdc154783705f5b1b.png| | 1949| 8-Aug-22| 12:52 \nsts_spclientnewux7f88e1613b37e837b95938a039151a46| access_48x1_5_87c3cb72d13b5a1db3c5ab9f6964639e.png| | 3091| 8-Aug-22| 12:52 \nsts_spclientnewuxc583ff03963ae5cc3195ec74400299a5| access_48x1_b551babd1e8a6affdc154783705f5b1b.png| | 1949| 8-Aug-22| 12:52 \nsts_spclientnewuxe03ddd3385bd20a0bbbdd68ea08b7d64| access_48x2_acaeab4e1dc07494d3c12508ee54e87e.png| | 4121| 8-Aug-22| 12:52 \nsts_spclientnewux8c1601cd0029740cd2e28ec325ddfde6| access_48x3_41d48725aebf48317d44ac138398cbb2.png| | 6499| 8-Aug-22| 12:52 \nsts_spclientnewux8a29272c7a6e1b22baa47e2a554fdbb4| access_96x1_5_87396554873581bffca1ab0bcd2e6d00.png| | 6442| 8-Aug-22| 12:52 \nsts_spclientnewuxfad8527840cb2dba2ea883f4c0ee1311| access_96x1_bb9c816b5bf213c6ac5babe26ba5e7df.png| | 4114| 8-Aug-22| 12:52 \nsts_spclientnewux0cc4b0020573f648597e787d81ed8b05| access_96x2_8614021e7b018cb8dbe7f3f4ca35fd60.png| | 8391| 8-Aug-22| 12:52 \nsts_spclientnewux11ad913a5bc7fde805672e3c890114ed| access_96x3_01528343f06f9f32762c2196fa40279f.png| | 13652| 8-Aug-22| 12:52 \nsts_spclientnewuxcf9063f036a2e975629266aaa103d655| af8be689-990e-492a-81f7-ba3e4cd3ed9c.json| | 15397| 10-Aug-22| 10:02 \nsts_spclientnewuxd98a7a0da89134c14b2cda056449e632| b19b3b9e-8d13-4fec-a93c-401a091c0707.json| | 15301| 10-Aug-22| 10:02 \nsts_spclientnewuxace5b731b919c7ebcd1f9d3db7abd3ab| b6917cb1-93a0-4b97-a84d-7cf49975d4ec.json| | 6624| 8-Aug-22| 12:52 \nsts_spclientnewux79892d83bd937bf01186bd091972e9a1| b7dd04e1-19ce-4b24-9132-b60a1c2b910d.json| | 23126| 10-Aug-22| 10:02 \nsts_spclientnewuxf5e9c8e2184df5b63ca16f1319fa7960| c4bd7b2f-7b6e-4599-8485-16504575f590.json| | 15854| 10-Aug-22| 10:02 \nsts_spclientnewux7e3c7f016142a2f71b28f9d75fc43958| c70391ea-0b10-4ee9-b2b4-006d3fcad0cd.json| | 14970| 10-Aug-22| 10:02 \nsts_spclientnewux408dd0ffcb6b1d88eceefc32163a8518| cbe7b0a9-3504-44dd-a3a3-0e5cacd07788.json| | 14195| 10-Aug-22| 10:02 \nsts_spclientnewuxa3264eecc8f003b168703c1a15995ffa| csv_16x1_4fc16f1723ce4839abdc01f2a901a384.png| | 1477| 8-Aug-22| 12:52 \nsts_spclientnewuxe4618744896cc0d2c40cea603b3b11fb| csv_16x1_5_4dabadab978dd4d83fe47c01e7d23573.png| | 1641| 8-Aug-22| 12:52 \nsts_spclientnewux67f4b89c4654d5a85a60833cf03840bf| csv_16x2_1e5c3167954f56367fa27253c6c56144.png| | 1592| 8-Aug-22| 12:52 \nsts_spclientnewuxe3baff1c9491c7372651ec160e90bb27| csv_16x3_28cdb33a6661b3b060346f31c621495c.png| | 1126| 8-Aug-22| 12:52 \nsts_spclientnewuxfc3f482373df3b4e21bb588dfe2b3155| csv_48x1_07020046013917eefc2be8e1787e9dca.png| | 2027| 8-Aug-22| 12:52 \nsts_spclientnewux9bad21b1c841989e60f9a6df3c789647| csv_48x1_5_d148f7369cd5f3a4d477c5d700fee676.png| | 2321| 8-Aug-22| 12:52 \nsts_spclientnewux4b4a142b159d2e966313038af60d456a| csv_48x2_545383d43974d4a65fb68bd817b54e96.png| | 1769| 8-Aug-22| 12:52 \nsts_spclientnewux1229ccefbc054024523b33fa2629da8b| csv_48x3_de84df743754e9d08851968fcc5c7d12.png| | 2506| 8-Aug-22| 12:52 \nsts_spclientnewuxacf8a484c11f82e55a95826f8f58c551| csv_96x1_5_0518cee3f9d6daa79587500a2ddd5684.png| | 2297| 8-Aug-22| 12:52 \nsts_spclientnewux58d27833e08d1ab492107cc61e123a71| csv_96x1_a70e1383d349d396443bb39efff139ef.png| | 2517| 8-Aug-22| 12:52 \nsts_spclientnewux730859dcb6287e5d9157e4bbff6a941a| csv_96x2_79e6a3717c2033276d4fc5cc74ccecd3.png| | 2850| 8-Aug-22| 12:52 \nsts_spclientnewux7969046426b5a254c6d2a41bc2147e0f| csv_96x3_f8c424976012461927df153d46e9674d.png| | 4326| 8-Aug-22| 12:52 \nsts_spclientnewuxe04b7ba5c57d6efdd1b3f023a9afd70f| d1d91016-032f-456d-98a4-721247c305e8.json| | 12829| 10-Aug-22| 10:02 \nsts_spclientnewuxe0de0464927d19518f48aaff08ed2ad1| daf0b71c-6de8-4ef7-b511-faae7c388708.json| | 17481| 10-Aug-22| 10:02 \nsts_spclientnewuxa08a88a1a20d60fc6fa9f6eecf78666e| embed-webpart-base.js| | 47384| 8-Aug-22| 12:52 \nsts_spclientnewux1248484f0eaf072567b2270eb74e2a1f| listview-host-assembly.js| | 750208| 10-Aug-22| 10:02 \nsts_spclientnewuxa8c9aa3afb3e1858c4883c80b87b0886| sp-application-base.js| | 111417| 10-Aug-22| 10:02 \nsts_spclientnewux26dacaeae91404692b5c89ca58e6ef98| sp-bing-map-webpart-bundle.js| | 74193| 10-Aug-22| 10:02 \nsts_spclientnewuxa61f5e0f461e05cce0e0c856fdaae280| sp-blogs-webpart-bundle.js| | 139353| 8-Aug-22| 12:52 \nsts_spclientnewuxf5d396401fea052502b6aae89b8cc207| sp-canvas.js| | 304974| 10-Aug-22| 10:02 \nsts_spclientnewuxacbcfd1635aafc26d7fa34d3a4170557| sp-carousel-layout.js| | 74688| 8-Aug-22| 12:52 \nsts_spclientnewux22d4383e576bd2d0767efe61a9b0177f| sp-classic-page-assembly.js| | 1553917| 10-Aug-22| 10:02 \nsts_spclientnewux687ed0916c9953c4eb72b0f5cd6905e1| sp-compactcard-layout.js| | 26189| 8-Aug-22| 12:52 \nsts_spclientnewux3fd286c73a51e55671b2cf05ad879fe4| sp-component-layouts.js| | 193108| 8-Aug-22| 12:52 \nsts_spclientnewux6d0b88b1fc07d52bfd5ed0e7ffd2ff96| sp-component-utilities.js| | 106947| 8-Aug-22| 12:52 \nsts_spclientnewuxf9e26c8ba0232226f164fb3134158861| sp-connector-webpart.js| | 137981| 8-Aug-22| 12:52 \nsts_spclientnewuxaeab4a7dad255efb982d8cc6384a6b30| sp-contentrollup-webpart-bundle.js| | 226388| 10-Aug-22| 10:02 \nsts_spclientnewux2a2fc2a92e0cb8cd022d363ea1786ae4| sp-custommessageregion-bundle.js| | 34510| 10-Aug-22| 10:02 \nsts_spclientnewuxc80a54337999c221a2752d525a9f98ac| sp-dataproviders.js| | 95992| 10-Aug-22| 10:02 \nsts_spclientnewuxd14e8603d99cfdea0f8636f109640add| sp-datetimepicker.js| | 105601| 8-Aug-22| 12:52 \nsts_spclientnewux294ffd36afbed5a9fdb51794f4f3a730| sp-default-assembly.js| | 728068| 10-Aug-22| 10:02 \nsts_spclientnewuxe526f3106af18bfd9a893c145a68bea1| sp-divider-webpart-bundle.js| | 32150| 10-Aug-22| 10:02 \nsts_spclientnewux6c85212e5fd53659abdaac84362ead1f| sp-documentembed-webpart-bundle.js| | 97121| 10-Aug-22| 10:02 \nsts_spclientnewuxc67750e80ee512c39aae0f51156cc4c5| sp-embed-webparts-bundle.js| | 43199| 10-Aug-22| 10:02 \nsts_spclientnewux960f55d92c073ad967c1d41757c1f0a8| sp-events-webpart-bundle.js| | 71239| 10-Aug-22| 10:02 \nsts_spclientnewuxc4b985680551412a904096aa6f1dbeab| sp-filepicker.js| | 26874| 10-Aug-22| 10:02 \nsts_spclientnewuxe983fe94f37bdad72135b55a29225aed| sp-forms-webpart-bundle.js| | 61656| 10-Aug-22| 10:02 \nsts_spclientnewuxf19a838e191127967cd29ae6b20ab799| sp-groupcalendar-webpart-bundle.js| | 133465| 10-Aug-22| 10:02 \nsts_spclientnewuxa591d003a7a8c3afca3c8688ad401ea0| sp-hero-webpart-bundle.js| | 128429| 10-Aug-22| 10:02 \nsts_spclientnewux772296c19fc27e1b6f18d28759f2ba5b| sp-html-embed.js| | 40476| 8-Aug-22| 12:52 \nsts_spclientnewux78fc6c56623222d8dfcf75c9b0a2e7a4| sp-http.js| | 44135| 10-Aug-22| 10:02 \nsts_spclientnewux8f461cff81c07d944621f876e997777e| sp-image-gallery-webpart-bundle.js| | 81382| 10-Aug-22| 10:02 \nsts_spclientnewux2d92f617d4e9cc7ec385e0e500a3d7b2| sp-image-webpart-bundle.js| | 105626| 10-Aug-22| 10:02 \nsts_spclientnewux42e703f43e251f868d972f61dafd921e| sp-linkpreview-webpart-bundle.js| | 66341| 10-Aug-22| 10:02 \nsts_spclientnewux49b289bb50fa43774a9d4645eef75e88| sp-list-webpart-bundle.js| | 1031541| 10-Aug-22| 10:02 \nsts_spclientnewux6b8c7c4233559a13836ef1a691ba7023| sp-loader.js| | 147075| 10-Aug-22| 10:02 \nsts_spclientnewux383919f8fe3b958e524c8a635d1e2c2c| sp-loader-assembly.js| | 587500| 10-Aug-22| 10:02 \nsts_spclientnewuxe842d74f8bb0760b55d7f43f35d0d7a7| sp-newsfeed-webpart-bundle.js| | 137230| 8-Aug-22| 12:52 \nsts_spclientnewux11d2e484811a186abfb7f9a6c7275fd4| sp-newsreel-webpart-bundle.js| | 137222| 8-Aug-22| 12:52 \nsts_spclientnewuxe2e58fc5fb56b66cddf843e55ff5f992| sp-news-webpart-bundle.js| | 137044| 8-Aug-22| 12:52 \nsts_spclientnewux59e7e9a3603ea1a4ec0d3a97d86bfb12| sp-pagepicker.js| | 10174| 10-Aug-22| 10:02 \nsts_spclientnewuxc21a3246bdf5a3aa770903ed6fd493ee| sp-pages.js| | 498052| 10-Aug-22| 10:02 \nsts_spclientnewuxb3b4f7cd0e237860f1b8fdbe1372826e| sp-pages-assembly.js| | 2592216| 10-Aug-22| 10:02 \nsts_spclientnewuxb7c159038749343c1c4b0ec9f2deec4c| sp-pages-core.js| | 59295| 8-Aug-22| 12:52 \nsts_spclientnewuxb3342cfbf53938dec6fdf773f6adeebc| sp-people-webparts-bundle.js| | 163854| 10-Aug-22| 10:02 \nsts_spclientnewuxb501aed454e9ea1b719ba92103130738| sp-planner-webpart-bundle.js| | 2945545| 10-Aug-22| 10:02 \nsts_spclientnewuxea46ce84a74da087564f5d905acd4e56| sp-powerapps-webpart.js| | 24099| 10-Aug-22| 10:02 \nsts_spclientnewux22fad59d46fcfec7745b173cc20fd92d| sp-queryfilter.js| | 142101| 10-Aug-22| 10:02 \nsts_spclientnewuxec0d18f646f918f9cae4bd08ccdc09ab| sp-quickchart-webpart-bundle.js| | 255133| 10-Aug-22| 10:02 \nsts_spclientnewux0bbc1a9825e04eb5a37f62f2a09d2dbf| sp-quick-links-webpart.js| | 95232| 10-Aug-22| 10:02 \nsts_spclientnewux113384fd2f31fde205b8bf2f79ccdcd3| sp-siteactivity-webpart-bundle.js| | 195003| 8-Aug-22| 12:52 \nsts_spclientnewux2f7f2f92075f659c5926320cfab3f096| sp-sitepicker.js| | 44819| 8-Aug-22| 12:52 \nsts_spclientnewux6c3d8d275dd7351021418bffbebe3d8c| sp-spacer-webpart-bundle.js| | 44319| 10-Aug-22| 10:02 \nsts_spclientnewuxf5437647b691243399470c6a80d66804| sp-title-region-webpart.js| | 129219| 10-Aug-22| 10:02 \nsts_spclientnewuxb200a6283a80b8a6b4ee220419563723| sp-toolbox.js| | 31121| 10-Aug-22| 10:02 \nsts_spclientnewux3436740e82f30185ab432f7dbe7eed84| sp-twitter-webpart-bundle.js| | 44274| 10-Aug-22| 10:02 \nsts_spclientnewux084c8b925815606929921fa578f05539| sp-webpart-application-assembly.js| | 1548956| 10-Aug-22| 10:02 \nsts_spclientnewuxf9d542f5e7a1ffba716f8cf63efa490b| sp-webpart-base.js| | 106471| 10-Aug-22| 10:02 \nsts_spclientnewux1113dc0b40c4f62ba0b2c0cbbc272713| sp-webpart-shared.js| | 151419| 10-Aug-22| 10:02 \nsts_spclientnewuxf6f4d7aff6b346521ef692276ec4c4c6| sp-webpart-workbench.js| | 51898| 8-Aug-22| 12:52 \nsts_spclientnewux96fbeacb80b41e044617bbe3fade4c6c| sp-webpart-workbench-assembly.js| | 1946389| 10-Aug-22| 10:02 \nsts_spclientnewuxb936577a0b035ab65bc7e49bd5e6a9ab| sp-yammerembed-webpart-bundle.js| | 144166| 8-Aug-22| 12:52 \nsts_spclientnewux84505203ddf82c3742f2de6283fac55b| docx_16x1_5_053e1e11915d9427b3e53d8afa6a83d0.png| | 585| 8-Aug-22| 12:52 \nsts_spclientnewux162b3a6ca51af753b9bd4843fe72d73e| docx_16x1_5d551916093e87d3ee343537fb8b88a6.png| | 1398| 8-Aug-22| 12:52 \nsts_spclientnewuxf497b0d9739710ab47621ed013958700| docx_16x2_71f9b62260e4b54bc8a4e67432c68025.png| | 627| 8-Aug-22| 12:52 \nsts_spclientnewux0356c36d9372976aa44fa8b66a60aad1| docx_16x3_4147703edb3002728b81f5cfa5a91c48.png| | 800| 8-Aug-22| 12:52 \nsts_spclientnewux79d2445aca482099f6df2e36d89461a0| docx_48x1_5_91acd6ead8deb3ea9c1235e4d4e16bdf.png| | 1029| 8-Aug-22| 12:52 \nsts_spclientnewuxe3a71083330a36a0eabe838a39d0b3c1| docx_48x1_95ded5a67197f256abb3c6dc1fdfd59f.png| | 1800| 8-Aug-22| 12:52 \nsts_spclientnewux0d5db131be96001650ead186260bd110| docx_48x2_64db322bc02431d4fbdbb48c2801d000.png| | 1325| 8-Aug-22| 12:52 \nsts_spclientnewuxcd219fe8c823f0b30359401090f8d8c3| docx_48x3_ff9f50d887901f42b0bee4f7c511f018.png| | 1852| 8-Aug-22| 12:52 \nsts_spclientnewux7cd02027da5448f87eef42787c8915ea| docx_96x1_4d0ad5d46d38513bc8fd478f6a723adf.png| | 2173| 8-Aug-22| 12:52 \nsts_spclientnewuxbde31235d2341bae8e3fb3bd773a2ba3| docx_96x1_5_9366cab6bb01500d444217ccbee74d76.png| | 1697| 8-Aug-22| 12:52 \nsts_spclientnewux157716a601a23bdcc82711713c178f89| docx_96x2_3e32a452a3e65ad09e0cf29a525d8a27.png| | 2124| 8-Aug-22| 12:52 \nsts_spclientnewux62380155bba07e21931cbd4c2c8819ee| docx_96x3_7e372763d14c0826ed8aba9a0fbe3d4f.png| | 3070| 8-Aug-22| 12:52 \nsts_spclientnewux8766926ce4c6eadaf66d6c870efd71a9| dotx_16x1_2b312ced2e9cca5bfe1963b6eb49c2e5.png| | 1360| 8-Aug-22| 12:52 \nsts_spclientnewuxeac0104f583d7aafce09495a9c48b46b| dotx_16x1_5_9587d3f8637ccf6f6dd8ca5748013923.png| | 516| 8-Aug-22| 12:52 \nsts_spclientnewux3e4c1fa274d624cf42c4645e65569671| dotx_16x2_c23c391373a8f96945cdd9d32cb24dbc.png| | 612| 8-Aug-22| 12:52 \nsts_spclientnewux403751d49b9ba3d93d637a1ea4e74154| dotx_16x3_4130e8847068434fa8b94072182f0e5c.png| | 831| 8-Aug-22| 12:52 \nsts_spclientnewuxe9572cf13d1e19a8e961628bb68132fb| dotx_48x1_5_492df226937a5fb3e5acbd7d66adfac3.png| | 988| 8-Aug-22| 12:52 \nsts_spclientnewux14208fd33bfe8ed0a7d7b0fdc85b9b92| dotx_48x1_73701fd95ef5e319da36d350bf2068e2.png| | 1755| 8-Aug-22| 12:52 \nsts_spclientnewuxde231664a23f9a0c373482ef0f5be921| dotx_48x2_cd8f82b2a79f3c22a3fe2d5e9ffe252b.png| | 1274| 8-Aug-22| 12:52 \nsts_spclientnewux8e1dc10ad2d154ea949b6e42bbfb7088| dotx_48x3_14dec4e5ad960aa52adcb43f5d4ad5c6.png| | 1790| 8-Aug-22| 12:52 \nsts_spclientnewuxa4f5eebc187758a2238b72e64dffedf3| dotx_96x1_5_5d1102527d493c61185a7e7a62a788ba.png| | 1578| 8-Aug-22| 12:52 \nsts_spclientnewuxe10968b7ab0b4844174297af0272e3ce| dotx_96x1_a1017900087f3cc70d726dee36a76994.png| | 2124| 8-Aug-22| 12:52 \nsts_spclientnewux8abca0bc280247d0ed7bd9e12b8b9f71| dotx_96x2_bdc47178af937d029e28a3e7ce249ddd.png| | 2061| 8-Aug-22| 12:52 \nsts_spclientnewux268eea4f384766e3832393e1b96ac383| dotx_96x3_33a48dc068889f7bd8ea72c90b977910.png| | 2970| 8-Aug-22| 12:52 \nsts_spclientnewux80dae808de3b5078b4efc4fb29865793| e377ea37-9047-43b9-8cdb-a761be2f8e09.json| | 13427| 10-Aug-22| 10:02 \nsts_spclientnewuxab7b1df6c15b0a294a30492e9ac8fae1| eb95c819-ab8f-4689-bd03-0c2d65d47b1f.json| | 14590| 10-Aug-22| 10:02 \nsts_spclientnewuxa4a2550216affc2874c3e81dc4018f2c| excel_16x1_5_3909e6cfb9ed574b7a4038703354688b.png| | 446| 8-Aug-22| 12:52 \nsts_spclientnewuxbe05b957f12fc509273423f56e4510e1| excel_16x1_9f85f99d3a24a45edf7c45acfc1505df.png| | 349| 8-Aug-22| 12:52 \nsts_spclientnewux9e612331e3d566da56e363a3bb8869d7| excel_16x2_b42c81daea3f36a79f7d1274c8e163a0.png| | 591| 8-Aug-22| 12:52 \nsts_spclientnewuxd355e5cb62bc4a671aba8c58b62f87eb| excel_16x3_0f3f65dc466cb70bd4da4c627a14dbb7.png| | 1387| 8-Aug-22| 12:52 \nsts_spclientnewux06bac27fbe0d073ba86b1000355ab67a| excel_48x1_0f3f65dc466cb70bd4da4c627a14dbb7.png| | 1387| 8-Aug-22| 12:52 \nsts_spclientnewux62af1d1b6aa82699a64db860e9300a47| excel_48x1_5_60704c48d93d26a884fa59095704a159.png| | 2199| 8-Aug-22| 12:52 \nsts_spclientnewux4776fee8e784a7fec675e8d974476340| excel_48x2_52ad507872842023c6dfc3bfb86b7924.png| | 2948| 8-Aug-22| 12:52 \nsts_spclientnewux79c23087af66f18bfc0cde56c79b0c95| excel_48x3_d9ad58e9a2a90c784d10a1c77f614050.png| | 4729| 8-Aug-22| 12:52 \nsts_spclientnewuxf0412560dd2e7a56af9f87852c333535| excel_96x1_5_0a0bc8cf913b213485b2056e7c75b6b6.png| | 4704| 8-Aug-22| 12:52 \nsts_spclientnewuxb5df036c286cf302d5f77402206293b8| excel_96x1_826f376978b7f5c5d84f01b0c175cdf5.png| | 2964| 8-Aug-22| 12:52 \nsts_spclientnewuxf1b335926db7c5a5cbeb471c59ed7cb5| excel_96x2_4962366bac5f3f0710950f368a5c487a.png| | 5950| 8-Aug-22| 12:52 \nsts_spclientnewuxbed36bf334a09b5c725c5113fe43a669| excel_96x3_80e5831f5dbb4a95bd15401feedd5e10.png| | 10107| 8-Aug-22| 12:52 \nsts_spclientnewux8ef36081a346aba067e958bbb3d5a845| f6fdf4f8-4a24-437b-a127-32e66a5dd9b4.json| | 13416| 10-Aug-22| 10:02 \nsts_spclientnewuxcb869d957d4e64318530b63e610d75f7| f92bf067-bc19-489e-a556-7fe95f508720.json| | 18015| 10-Aug-22| 10:02 \nsts_spclientnewuxf2d1a7f35d2ba5854680149e140e38f6| fabricmdl2icons-2.23_1850f50d510fc4b7fd7bf4889ea7da21.ttf| | 187984| 8-Aug-22| 12:52 \nsts_spclientnewuxdf3482c3e74fc57578122ab0b6dec981| fabricmdl2icons-2.23_af4a0833031abba2a3d0a55ee0add2c6.woff2| | 71744| 8-Aug-22| 12:52 \nsts_spclientnewuxca45653d077dd8f8160018077e0a9432| fabricmdl2icons-2.23_e312e6548dd1dd9ba24d9b96a7f1fd09.woff| | 94656| 8-Aug-22| 12:52 \nsts_spclientnewuxdf217af2c449434cc978237da49860dc| fabricmdl2icons-2.53_3200458db3cc6a10921a7a82c6711d45.woff| | 134252| 8-Aug-22| 12:52 \nsts_spclientnewux37401c5f5c8c6e0bebcbbd737692b878| fabricmdl2icons-2.53_4fe7efcad26d25b8f508ef80a91ee73b.woff2| | 105000| 8-Aug-22| 12:52 \nsts_spclientnewuxde72b466d6fbb352015a237d127bef27| fabricmdl2icons-2.53_9632e65543d2acfd1e277e6a3d28e601.ttf| | 263324| 8-Aug-22| 12:52 \nsts_spclientnewux0567dea9d8e26f0c4e57d2d730e1498c| infopath_16x1_429365d97899093c0d0662620631e182.png| | 1426| 8-Aug-22| 12:52 \nsts_spclientnewux038964b23bcd894601107c09748b97cc| infopath_16x1_5_6c56b62ff5748eeb26efc44ee009d777.png| | 1482| 8-Aug-22| 12:52 \nsts_spclientnewux1ae82f61b693dcab6c352906f41f3f51| infopath_16x2_7af4b21d5e1a0012598ebf077f77e017.png| | 707| 8-Aug-22| 12:52 \nsts_spclientnewux0af56f37475008374274f5244ea2e15b| infopath_16x3_1d081b470135a6f3bd25666fefcacf67.png| | 941| 8-Aug-22| 12:52 \nsts_spclientnewux665c4b4ce5c1706a93698aeb39ba1d95| infopath_48x1_5_d9a2431e0e59ba88d725aa970fc75914.png| | 2098| 8-Aug-22| 12:52 \nsts_spclientnewux2212cab7b69805d9409e27a5547b34d0| infopath_48x1_ca1a6dbcc5b7551d7cfee910fd7bbf5b.png| | 1920| 8-Aug-22| 12:52 \nsts_spclientnewuxe7a0c94dfa417ef96de11d9bd61843c1| infopath_48x2_92a5156284920439a13a11ca89a7ab4d.png| | 1373| 8-Aug-22| 12:52 \nsts_spclientnewux1e552c7812e30d87e9bb64d1d7874ab6| infopath_48x3_d971a75bbd733d3a4b9a05db484f993f.png| | 2059| 8-Aug-22| 12:52 \nsts_spclientnewux982d814efce20be6ecf6f0fa03fa0edd| infopath_96x1_34d96f820a628f53a9edb0b99382be9f.png| | 2539| 8-Aug-22| 12:52 \nsts_spclientnewux1a2f5b5573f5828549078a2453523a56| infopath_96x1_5_b8b5705b43faeec64c45815e2844d36a.png| | 2819| 8-Aug-22| 12:52 \nsts_spclientnewux2b11c4cc6340eb3c3df894816536da09| infopath_96x2_c5d38e886dc3a11de2e6e9d4210547c1.png| | 2577| 8-Aug-22| 12:52 \nsts_spclientnewux9b0bc6b412f6cfd07baa9d1263011e7b| infopath_96x3_76ec1760c3b91989adaa91037c71e809.png| | 3775| 8-Aug-22| 12:52 \nsts_spclientnewux967f273dd90b110453dab8b878d2bf81| leelawadeeui-bold_6cdc55f3988d8090f2582b1ade83df2b.woff| | 43896| 8-Aug-22| 12:52 \nsts_spclientnewux6f96908d468281085d3ab22367dfb75d| leelawadeeui-bold_a047f883e11cf168d54af7c8d5a48c79.woff2| | 38304| 8-Aug-22| 12:52 \nsts_spclientnewux2fc3af47d18316f6ee8767e276529643| leelawadeeui-regular_46e5f18647acd852fbe0ad149e166b95.woff| | 47832| 8-Aug-22| 12:52 \nsts_spclientnewux5f3a6e0eb23d3b0829be6b035a29edf7| leelawadeeui-regular_69b84090e124679cc8440393db24f914.woff2| | 41808| 8-Aug-22| 12:52 \nsts_spclientnewuxa17c77c2eec3801e69af1a999290d8bc| leelawadeeui-semilight_13764acab069edc637f71683b8cd1686.woff2| | 37772| 8-Aug-22| 12:52 \nsts_spclientnewux31bff09f85d42d6fffad6c686e881c70| leelawadeeui-semilight_b1fe5c446bd5de63c376ad54fb2e6d90.woff| | 43820| 8-Aug-22| 12:52 \nsts_spclientnewux2e8f0649b2b51d464fb6d12bb368a21f| spclientmanifests.json| | 842362| 10-Aug-22| 10:03 \nsts_spclientnewux99f5dd30cc1620deb2450f752eb89610| mpp_16x1_1010b4ea50a744c4e6efc4958109ef6d.png| | 1387| 8-Aug-22| 12:52 \nsts_spclientnewux2827d59862ac8cc6b8d4241a4796434f| mpp_16x1_5_bbb449dc2ef5a9443510c7fb6fb5b3b6.png| | 500| 8-Aug-22| 12:52 \nabsblobstore.dll| absblobstore.dll| 16.0.10390.20000| 691656| 16-Aug-22| 02:27 \naccsvcdp.dll| accsvcdp.dll| 16.0.10390.20000| 268736| 16-Aug-22| 02:25 \nmicrosoft.office.access.services.moss.dll| microsoft.office.access.services.moss.dll| 16.0.10390.20000| 768960| 16-Aug-22| 02:25 \nascalc.dll| ascalc.dll| 16.0.10390.20000| 974280| 16-Aug-22| 02:27 \nmicrosoft.office.access.server.application.dll| microsoft.office.access.server.application.dll| 16.0.10390.20000| 615896| 16-Aug-22| 02:27 \nmicrosoft.office.access.server.calculation.interop.dll| microsoft.office.access.server.calculation.interop.dll| 16.0.10390.20000| 63424| 16-Aug-22| 02:27 \nmicrosoft.office.access.server.dll| microsoft.office.access.server.dll| 16.0.10390.20000| 1411520| 16-Aug-22| 02:27 \naccsrv.layouts.root.accsrvscripts.js| accessserverscripts.js| | 575532| 16-Aug-22| 02:27 \nconversion.office.biplatserver.dll| biplatserver.dll| 16.0.10390.20000| 525784| 16-Aug-22| 02:23 \nppt.conversion.biplatserver.dll| biplatserver.dll| 16.0.10390.20000| 525784| 16-Aug-22| 02:23 \nppt.edit.biplatserver.dll| biplatserver.dll| 16.0.10390.20000| 525784| 16-Aug-22| 02:23 \nwac.office.biplatserver.dll| biplatserver.dll| 16.0.10390.20000| 525784| 16-Aug-22| 02:23 \nconversion.chartserver.dll| chartserver.dll| 16.0.10390.20000| 16149968| 16-Aug-22| 02:25 \nppt.conversion.chartserver.dll| chartserver.dll| 16.0.10390.20000| 16149968| 16-Aug-22| 02:25 \nppt.edit.chartserver.dll| chartserver.dll| 16.0.10390.20000| 16149968| 16-Aug-22| 02:25 \nwac.office.chartserver.dll| chartserver.dll| 16.0.10390.20000| 16149968| 16-Aug-22| 02:25 \nchicagoingestion.dll| chicagoingestion.dll| 0.0.0.0| 23480| 9-Aug-22| 06:05 \nprodfeat.xml| feature.xml| | 616| 16-Aug-22| 02:23 \nsharepointcmiscore_gac.dll| microsoft.sharepoint.cmis.core.dll| 16.0.10390.20000| 229304| 16-Aug-22| 02:27 \naddgroup.asx| cmsslwpaddeditgroup.aspx| | 6406| 9-Aug-22| 06:05 \nastcmmn_js| assetcommon.js| | 18253| 16-Aug-22| 02:27 \nastpkrs_js| assetpickers.js| | 68292| 16-Aug-22| 02:27 \nsm.js| cmssitemanager.js| | 29279| 16-Aug-22| 02:27 \ncmssummarylinks_js| cmssummarylinks.js| | 6015| 16-Aug-22| 02:27 \neditmenu_js| editingmenu.js| | 11359| 16-Aug-22| 02:27 \nhierlist_js| hierarchicallistbox.js| | 30327| 16-Aug-22| 02:27 \nmediaplayer.js| mediaplayer.js| | 47725| 16-Aug-22| 02:27 \nptdlg.js| pickertreedialog.js| | 2950| 16-Aug-22| 02:27 \nselect_js| select.js| | 2387| 16-Aug-22| 02:27 \nslctctls_js| selectorcontrols.js| | 13288| 16-Aug-22| 02:27 \nserializ_js| serialize.js| | 3219| 16-Aug-22| 02:27 \nsp.ui.assetlibrary.ribbon.debug.js| sp.ui.assetlibrary.debug.js| | 13220| 16-Aug-22| 02:27 \nsp.ui.assetlibrary.js| sp.ui.assetlibrary.js| | 5367| 16-Aug-22| 02:27 \nsp.ui.pub.htmldesign.debug.js| sp.ui.pub.htmldesign.debug.js| | 38342| 16-Aug-22| 02:27 \nsp.ui.pub.htmldesign.js| sp.ui.pub.htmldesign.js| | 19407| 16-Aug-22| 02:26 \nsp.ui.pub.ribbon.debug.js| sp.ui.pub.ribbon.debug.js| | 146313| 16-Aug-22| 02:27 \nsp.ui.pub.ribbon.js| sp.ui.pub.ribbon.js| | 84979| 16-Aug-22| 02:27 \nsp.ui.rte.publishing.debug.js| sp.ui.rte.publishing.debug.js| | 98216| 16-Aug-22| 02:27 \nsp.ui.rte.publishing.js| sp.ui.rte.publishing.js| | 49716| 16-Aug-22| 02:27 \nsp.ui.spellcheck.debug.js| sp.ui.spellcheck.debug.js| | 68393| 16-Aug-22| 02:27 \nsp.ui.spellcheck.js| sp.ui.spellcheck.js| | 36522| 16-Aug-22| 02:27 \nsplchkpg_js| spellcheckentirepage.js| | 6653| 16-Aug-22| 02:27 \nspelchek_js| spellchecker.js| | 34657| 16-Aug-22| 02:27 \nvideoportal.js| videoportal.js| | 14742| 16-Aug-22| 02:27 \nmicrosoft.sharepoint.publishing.dll_isapi| microsoft.sharepoint.publishing.dll| 16.0.10390.20000| 5416416| 16-Aug-22| 02:28 \nsharepointpub.dll| microsoft.sharepoint.publishing.dll| 16.0.10390.20000| 5416416| 16-Aug-22| 02:28 \nsharepointpub_gac.dll| microsoft.sharepoint.publishing.dll| 16.0.10390.20000| 5416416| 16-Aug-22| 02:28 \nsppubint.dll| microsoft.sharepoint.publishing.intl.dll| 16.0.10390.20000| 351696| 16-Aug-22| 02:28 \nsppubint_gac.dll| microsoft.sharepoint.publishing.intl.dll| 16.0.10390.20000| 351696| 16-Aug-22| 02:28 \nschema.xml_pubresfeap| schema.xml| | 44173| 16-Aug-22| 02:24 \nasctyps.xml| assetcontenttypes.xml| | 2846| 16-Aug-22| 02:24 \nasctyps2.xml| assetcontenttypes2.xml| | 2460| 16-Aug-22| 02:23 \nasflds.xml| assetfields.xml| | 1366| 16-Aug-22| 02:24 \nasflds2.xml| assetfields2.xml| | 1045| 16-Aug-22| 02:23 \naslibalt.xml| assetlibrarytemplate.xml| | 555| 16-Aug-22| 02:25 \naslibft.xml| feature.xml| | 2763| 16-Aug-22| 02:24 \naslibui.xml| provisionedui.xml| | 5075| 16-Aug-22| 02:24 \naslibui2.xml| provisionedui2.xml| | 1708| 16-Aug-22| 02:24 \ncdsele.xml| contentdeploymentsource.xml| | 637| 16-Aug-22| 02:25 \ncdsfeatu.xml| feature.xml| | 604| 16-Aug-22| 02:25 \ndocmpgcv.xml| docmpageconverter.xml| | 496| 16-Aug-22| 02:24 \ndocxpgcv.xml| docxpageconverter.xml| | 496| 16-Aug-22| 02:23 \nconvfeat.xml| feature.xml| | 766| 16-Aug-22| 02:24 \nippagecv.xml| infopathpageconverter.xml| | 577| 16-Aug-22| 02:24 \nxslappcv.xml| xslapplicatorconverter.xml| | 575| 16-Aug-22| 02:23 \nanalyticsreports.xml| analyticsreports.xml| | 2850| 16-Aug-22| 02:28 \nxspsset.xml| catalogsitesettings.xml| | 556| 16-Aug-22| 02:28 \nxspfeat.xml| feature.xml| | 1514| 16-Aug-22| 02:28 \ndepoper.xml| deploymentoperations.xml| | 2415| 16-Aug-22| 02:27 \ndepfeat.xml| feature.xml| | 788| 16-Aug-22| 02:27 \npestset.xml| enhancedhtmlediting.xml| | 157| 16-Aug-22| 02:27 \npefeat.xml| feature.xml| | 793| 16-Aug-22| 02:26 \nenthmft.xml| feature.xml| | 564| 16-Aug-22| 02:25 \nenthmset.xml| themingsitesettings.xml| | 1005| 16-Aug-22| 02:25 \nenctb.xml| enterprisewikicontenttypebinding.xml| | 559| 16-Aug-22| 02:27 \nenctb2.xml| enterprisewikicontenttypebinding2.xml| | 390| 16-Aug-22| 02:27 \nenfet.xml| feature.xml| | 1168| 16-Aug-22| 02:27 \nenct.xml| enterprisewikicontenttypes.xml| | 1456| 16-Aug-22| 02:28 \nenct2.xml| enterprisewikicontenttypes2.xml| | 1211| 16-Aug-22| 02:28 \nenlayfet.xml| feature.xml| | 1618| 16-Aug-22| 02:28 \nprov.xml| provisionedfiles.xml| | 1181| 16-Aug-22| 02:28 \nprov2.xml| provisionedfiles2.xml| | 1197| 16-Aug-22| 02:28 \newiki2.xml| feature.xml| | 766| 16-Aug-22| 02:27 \nhtmlfeat.xml| feature.xml| | 11263| 16-Aug-22| 02:27 \nhtmlcolm.xml| htmldesigncolumns.xml| | 909| 16-Aug-22| 02:27 \nhtmlcol2.xml| htmldesigncolumns2.xml| | 543| 16-Aug-22| 02:27 \nhtmlcol3.xml| htmldesigncolumns3.xml| | 597| 16-Aug-22| 02:27 \nhtmlcont.xml| htmldesigncontenttypes.xml| | 2330| 16-Aug-22| 02:27 \nhtmlfile.xml| htmldesignfiles.xml| | 657| 16-Aug-22| 02:27 \nhtmlfil2.xml| htmldesignfiles2.xml| | 771| 16-Aug-22| 02:27 \nhtmlfil3.xml| htmldesignfiles3.xml| | 895| 16-Aug-22| 02:27 \nhtmldpui.xml| htmldesignprovisionedui.xml| | 669| 16-Aug-22| 02:27 \nhtmldrib.xml| htmldesignribbon.xml| | 29320| 16-Aug-22| 02:27 \nhtmldpct.xml| htmldisplaytemplatecontenttypes.xml| | 11361| 16-Aug-22| 02:27 \nhtmldpwp.xml| htmldisplaytemplatefiles.xml| | 9302| 16-Aug-22| 02:27 \nhtmldpwp10.xml| htmldisplaytemplatefiles10.xml| | 575| 16-Aug-22| 02:27 \nhtmldpwp11.xml| htmldisplaytemplatefiles11.xml| | 1091| 16-Aug-22| 02:27 \nhtmldpwp12.xml| htmldisplaytemplatefiles12.xml| | 401| 16-Aug-22| 02:27 \nhtmldpwp13.xml| htmldisplaytemplatefiles13.xml| | 396| 16-Aug-22| 02:27 \nhtmldpwp14.xml| htmldisplaytemplatefiles14.xml| | 856| 16-Aug-22| 02:27 \nhtmldpwp15.xml| htmldisplaytemplatefiles15.xml| | 492| 16-Aug-22| 02:27 \nhtmldpwp2.xml| htmldisplaytemplatefiles2.xml| | 830| 16-Aug-22| 02:27 \nhtmldpwp3.xml| htmldisplaytemplatefiles3.xml| | 497| 16-Aug-22| 02:27 \nhtmldpwp4.xml| htmldisplaytemplatefiles4.xml| | 496| 16-Aug-22| 02:27 \nhtmldpwp5.xml| htmldisplaytemplatefiles5.xml| | 506| 16-Aug-22| 02:27 \nhtmldpwp6.xml| htmldisplaytemplatefiles6.xml| | 412| 16-Aug-22| 02:27 \nhtmldpwp7.xml| htmldisplaytemplatefiles7.xml| | 4003| 16-Aug-22| 02:27 \nhtmldpwp8.xml| htmldisplaytemplatefiles8.xml| | 399| 16-Aug-22| 02:27 \nhtmldpwp9.xml| htmldisplaytemplatefiles9.xml| | 401| 16-Aug-22| 02:27 \nhtmldtcbs.xml| htmldisplaytemplatefilesoobcbs.xml| | 580| 16-Aug-22| 02:27 \nhtmldtqb.xml| htmldisplaytemplatefilesqb.xml| | 598| 16-Aug-22| 02:27 \nhtmldtqbref.xml| htmldisplaytemplatefilesqbref.xml| | 507| 16-Aug-22| 02:27 \nhtmldpwp_recs.xml| htmldisplaytemplatefilesrecs.xml| | 418| 16-Aug-22| 02:27 \nststngimplk.xml| sitesettingsimportlink.xml| | 667| 16-Aug-22| 02:27 \naltmp.xam| alternatemediaplayer.xaml| | 35634| 16-Aug-22| 02:25 \nmwpfeat.xml| feature.xml| | 940| 16-Aug-22| 02:25 \nmwpprovf.xml| provisionedfiles.xml| | 1457| 16-Aug-22| 02:25 \nmwpprovu.xml| provisionedui.xml| | 22914| 16-Aug-22| 02:25 \nmwpprovui2.xml| provisionedui2.xml| | 2690| 16-Aug-22| 02:25 \npnfeat.xml| feature.xml| | 782| 16-Aug-22| 02:27 \npnstset.xml| navigationsitesettings.xml| | 4721| 16-Aug-22| 02:27 \nplnfeat.xml| feature.xml| | 760| 16-Aug-22| 02:23 \nplnstset.xml| navigationsitesettings.xml| | 152| 16-Aug-22| 02:23 \ntpfeat.xml| feature.xml| | 2846| 16-Aug-22| 02:24 \ntpcls.xml| pointpublishingcolumns.xml| | 701| 16-Aug-22| 02:23 \ntpcts.xml| pointpublishingcontenttypes.xml| | 488| 16-Aug-22| 02:24 \ntptltsch.xml| schema.xml| | 4088| 16-Aug-22| 02:27 \npclts.xml| schema.xml| | 2354| 16-Aug-22| 02:24 \npcltf.xml| feature.xml| | 857| 16-Aug-22| 02:24 \npclt.xml| productcataloglisttemplate.xml| | 753| 16-Aug-22| 02:24 \npcfeat.xml| feature.xml| | 1699| 16-Aug-22| 02:27 \npccol.xml| productcatalogcolumns.xml| | 6259| 16-Aug-22| 02:27 \npcct.xml| productcatalogcontenttypes.xml| | 830| 16-Aug-22| 02:27 \npcct2.xml| productcatalogcontenttypes2.xml| | 643| 16-Aug-22| 02:27 \npcprov.xml| provisionedfiles.xml| | 926| 16-Aug-22| 02:27 \npubpubpf.xml| feature.xml| | 551| 16-Aug-22| 02:24 \npppptset.xml| portalsettings.xml| | 584| 16-Aug-22| 02:23 \nctconvst.xml| contenttypeconvertersettings.xml| | 511| 16-Aug-22| 02:24 \ndoclbset.xml| documentlibrarysettings.xml| | 524| 16-Aug-22| 02:25 \neditmenu.xml| editingmenu.xml| | 470| 16-Aug-22| 02:23 \npubfeat.xml| feature.xml| | 2696| 16-Aug-22| 02:24 \npaglttmp.xml| pageslisttemplate.xml| | 516| 16-Aug-22| 02:24 \nprovui.xml| provisionedui.xml| | 40574| 16-Aug-22| 02:24 \nprovui2.xml| provisionedui2.xml| | 1489| 16-Aug-22| 02:23 \nprovui3.xml| provisionedui3.xml| | 2135| 16-Aug-22| 02:24 \npubstset.xml| publishingsitesettings.xml| | 6235| 16-Aug-22| 02:23 \nregext.xml| regionalsettingsextensions.xml| | 328| 16-Aug-22| 02:24 \nsiteacmn.xml| siteactionmenucustomization.xml| | 646| 16-Aug-22| 02:24 \nvarflagc.xml| variationsflagcontrol.xml| | 473| 16-Aug-22| 02:24 \nvarnomin.xml| variationsnomination.xml| | 613| 16-Aug-22| 02:23 \npblyfeat.xml| feature.xml| | 6194| 16-Aug-22| 02:27 \npblyprovfile.xml| provisionedfiles.xml| | 7964| 16-Aug-22| 02:27 \npblyprovfile2.xml| provisionedfiles2.xml| | 610| 16-Aug-22| 02:27 \npblyprovfile4.xml| provisionedfiles4.xml| | 308| 16-Aug-22| 02:27 \npblyprovfile5.xml| provisionedfiles5.xml| | 414| 16-Aug-22| 02:27 \npblyprovfile6.xml| provisionedfiles6.xml| | 385| 16-Aug-22| 02:27 \npblyprovfile7.xml| provisionedfiles7.xml| | 1170| 16-Aug-22| 02:27 \npblyprovfile8.xml| provisionedfiles8.xml| | 507| 16-Aug-22| 02:27 \npblyprovui.xml| provisionedui.xml| | 11330| 16-Aug-22| 02:27 \nxspfeatlayouts.xml| searchboundpagelayouts.xml| | 3671| 16-Aug-22| 02:27 \npubmelem.xml| elements.xml| | 4149| 16-Aug-22| 02:27 \npubmele2.xml| elements2.xml| | 592| 16-Aug-22| 02:27 \npubmfeat.xml| feature.xml| | 1697| 16-Aug-22| 02:27 \npubmprui.xml| provisionedui.xml| | 1548| 16-Aug-22| 02:27 \npubmstng.xml| sitesettings.xml| | 670| 16-Aug-22| 02:27 \npubprft.xml| feature.xml| | 758| 16-Aug-22| 02:24 \npubrfeat.xml| feature.xml| | 4927| 16-Aug-22| 02:24 \nprovfile.xml| provisionedfiles.xml| | 4739| 16-Aug-22| 02:23 \nprovfl4.xml| provisionedfiles4.xml| | 1394| 16-Aug-22| 02:24 \npubrcol.xml| publishingcolumns.xml| | 20566| 16-Aug-22| 02:24 \npubrctt.xml| publishingcontenttypes.xml| | 12093| 16-Aug-22| 02:24 \npubrctt2.xml| publishingcontenttypes2.xml| | 304| 16-Aug-22| 02:24 \npubrctt3.xml| publishingcontenttypes3.xml| | 500| 16-Aug-22| 02:24 \npubrcont.xml| publishingcontrols.xml| | 405| 16-Aug-22| 02:23 \nprsset.xml| publishingresourcessitesettings.xml| | 3506| 16-Aug-22| 02:23 \nupgd1.xml| upgrade1.xml| | 548| 16-Aug-22| 02:24 \nupgd2.xml| upgrade2.xml| | 486| 16-Aug-22| 02:24 \nupgd3.xml| upgrade3.xml| | 600| 16-Aug-22| 02:25 \npubtfeat.xml| feature.xml| | 1477| 16-Aug-22| 02:23 \nrollplf.xml| feature.xml| | 862| 16-Aug-22| 02:24 \nrollplpf.xml| provisionedfiles.xml| | 14529| 16-Aug-22| 02:23 \nrollplct.xml| rolluppagecontenttype.xml| | 742| 16-Aug-22| 02:24 \nrollpf.xml| feature.xml| | 816| 16-Aug-22| 02:27 \nrollps.xml| rolluppagesettings.xml| | 4091| 16-Aug-22| 02:27 \nseofeatu.xml| feature.xml| | 1253| 16-Aug-22| 02:23 \nseoopt.xml| searchengineoptimization.xml| | 3578| 16-Aug-22| 02:24 \nseoopt1.xml| searchengineoptimization1.xml| | 2904| 16-Aug-22| 02:24 \nsppelm.xml| elements.xml| | 1843| 16-Aug-22| 02:23 \nsppfea.xml| feature.xml| | 1015| 16-Aug-22| 02:23 \nsaicona.xml| consoleaction.xml| | 412| 16-Aug-22| 02:24 \nsaifeat.xml| feature.xml| | 1324| 16-Aug-22| 02:23 \nsairibn.xml| ribbon.xml| | 2895| 16-Aug-22| 02:23 \nsaisset.xml| sitesettings.xml| | 584| 16-Aug-22| 02:24 \naddtheme.xml| additionalthemes.xml| | 3819| 16-Aug-22| 02:27 \nsbwcopa.xml| colorpalette.xml| | 4813| 16-Aug-22| 02:27 \nsbwcona.xml| consoleaction.xml| | 692| 16-Aug-22| 02:27 \nsbwct.xml| contenttypes.xml| | 4261| 16-Aug-22| 02:27 \nsbwdesba.xml| designbuilderaction.xml| | 444| 16-Aug-22| 02:27 \nsbwdesea.xml| designeditoraction.xml| | 438| 16-Aug-22| 02:27 \nsbwdpa.xml| designpackageactions.xml| | 418| 16-Aug-22| 02:27 \nsbwdpr.xml| designpreviewaction.xml| | 447| 16-Aug-22| 02:27 \nsbwdmt.xml| disablesystemmasterpagetheming.xml| | 436| 16-Aug-22| 02:27 \nsbwfeat.xml| feature.xml| |