Lucene search

K

Windows Kernel Security Vulnerabilities

cve
cve

CVE-2023-21772

Windows Kernel Elevation of Privilege...

7.8CVSS

7.5AI Score

0.0004EPSS

2023-01-10 10:15 PM
64
cve
cve

CVE-2023-21773

Windows Kernel Elevation of Privilege...

7.8CVSS

7.5AI Score

0.001EPSS

2023-01-10 10:15 PM
69
cve
cve

CVE-2023-21748

Windows Kernel Elevation of Privilege...

7.8CVSS

7.5AI Score

0.0004EPSS

2023-01-10 10:15 PM
69
cve
cve

CVE-2023-21747

Windows Kernel Elevation of Privilege...

7.8CVSS

7.5AI Score

0.001EPSS

2023-01-10 10:15 PM
68
cve
cve

CVE-2023-21750

Windows Kernel Elevation of Privilege...

7.1CVSS

7.1AI Score

0.0004EPSS

2023-01-10 10:15 PM
85
cve
cve

CVE-2023-21754

Windows Kernel Elevation of Privilege...

7.8CVSS

7.5AI Score

0.0004EPSS

2023-01-10 10:15 PM
64
cve
cve

CVE-2023-21755

Windows Kernel Elevation of Privilege...

7.8CVSS

7.6AI Score

0.001EPSS

2023-01-10 10:15 PM
71
cve
cve

CVE-2023-21749

Windows Kernel Elevation of Privilege...

7.8CVSS

7.5AI Score

0.0004EPSS

2023-01-10 10:15 PM
73
cve
cve

CVE-2023-21675

Windows Kernel Elevation of Privilege...

7.8CVSS

7.5AI Score

0.0004EPSS

2023-01-10 10:15 PM
85
cve
cve

CVE-2022-34330

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

6.1CVSS

5.8AI Score

0.001EPSS

2023-01-05 07:15 AM
43
cve
cve

CVE-2022-22371

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: ...

6.5CVSS

6.2AI Score

0.0005EPSS

2023-01-05 07:15 AM
33
cve
cve

CVE-2022-45049

A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The url parameter on the novelist.php endpoint does not properly neutralise user input, resulting in the...

6.1CVSS

6.1AI Score

0.001EPSS

2023-01-04 07:15 PM
20
cve
cve

CVE-2022-45051

A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The module parameter on the Service.template.cls endpoint does not properly neutralise user input, resulting in the...

6.1CVSS

6.1AI Score

0.001EPSS

2023-01-04 07:15 PM
21
cve
cve

CVE-2022-45052

A Local File Inclusion vulnerability has been found in Axiell Iguana CMS. Due to insufficient neutralisation of user input on the url parameter on the Proxy.type.php endpoint, external users are capable of accessing files on the...

9.8CVSS

6.4AI Score

0.001EPSS

2023-01-04 07:15 PM
35
cve
cve

CVE-2022-42266

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can cause exposure of sensitive information to an actor that is not explicitly authorized to have access to that information, which...

5.5CVSS

4.6AI Score

0.0004EPSS

2022-12-30 11:15 PM
49
cve
cve

CVE-2022-34683

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a null-pointer dereference occurs, which may lead to denial of...

5.5CVSS

5.9AI Score

0.0004EPSS

2022-12-30 11:15 PM
40
cve
cve

CVE-2022-34678

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer dereference, which may lead to denial of...

6.5CVSS

6.3AI Score

0.0004EPSS

2022-12-30 11:15 PM
48
cve
cve

CVE-2022-34681

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler, where improper input validation of a display-related data structure may lead to denial of...

5.5CVSS

5.9AI Score

0.0004EPSS

2022-12-30 11:15 PM
50
cve
cve

CVE-2022-35646

IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID:...

5.9CVSS

4.9AI Score

0.0005EPSS

2022-12-22 08:15 PM
24
cve
cve

CVE-2022-38391

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID:...

7.5CVSS

7.2AI Score

0.001EPSS

2022-12-20 09:15 PM
31
cve
cve

CVE-2022-42343

Adobe Campaign version 7.3.1 (and earlier) and 8.3.9 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of...

6.5CVSS

6.4AI Score

0.001EPSS

2022-12-16 04:15 PM
48
cve
cve

CVE-2022-44707

Windows Kernel Denial of Service...

6.5CVSS

6.7AI Score

0.001EPSS

2022-12-13 07:15 PM
155
cve
cve

CVE-2022-44710

DirectX Graphics Kernel Elevation of Privilege...

7.8CVSS

7.8AI Score

0.0004EPSS

2022-12-13 07:15 PM
58
In Wild
cve
cve

CVE-2022-44689

Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.0004EPSS

2022-12-13 07:15 PM
64
cve
cve

CVE-2022-44683

Windows Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.001EPSS

2022-12-13 07:15 PM
55
cve
cve

CVE-2022-34361

IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID:...

7.5CVSS

7.2AI Score

0.001EPSS

2022-12-06 06:15 PM
29
cve
cve

CVE-2022-34881

Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information. This issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before...

3.3CVSS

4.2AI Score

0.0004EPSS

2022-12-06 02:15 AM
29
cve
cve

CVE-2022-34667

NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which...

4.4CVSS

5AI Score

0.001EPSS

2022-11-19 12:15 AM
51
6
cve
cve

CVE-2022-31617

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data...

7.8CVSS

7.5AI Score

0.0004EPSS

2022-11-19 12:15 AM
106
11
cve
cve

CVE-2022-34665

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of...

6.5CVSS

6.3AI Score

0.0004EPSS

2022-11-19 12:15 AM
68
5
cve
cve

CVE-2022-31613

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where any local user can cause a null-pointer dereference, which may lead to a kernel...

7.1CVSS

6.3AI Score

0.0004EPSS

2022-11-19 12:15 AM
59
6
cve
cve

CVE-2022-31616

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to denial of service, or information...

7.1CVSS

6.7AI Score

0.0004EPSS

2022-11-19 12:15 AM
60
9
cve
cve

CVE-2022-31612

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to a system crash or a leak of internal kernel...

7.1CVSS

6.8AI Score

0.0004EPSS

2022-11-19 12:15 AM
55
7
cve
cve

CVE-2022-31610

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data...

7.8CVSS

7.5AI Score

0.0004EPSS

2022-11-19 12:15 AM
81
7
cve
cve

CVE-2022-31606

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a failure to properly validate data might allow an attacker with basic user capabilities to cause an out-of-bounds access in kernel mode, which could lead to...

7.8CVSS

7.5AI Score

0.0004EPSS

2022-11-19 12:15 AM
61
7
cve
cve

CVE-2022-40752

IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID: ...

9.8CVSS

9.3AI Score

0.001EPSS

2022-11-16 11:15 PM
35
9
cve
cve

CVE-2022-40753

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS

5.2AI Score

0.001EPSS

2022-11-15 09:15 PM
29
9
cve
cve

CVE-2022-40750

IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS

5.2AI Score

0.001EPSS

2022-11-11 07:15 PM
37
5
cve
cve

CVE-2022-31772

IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID:...

6.5CVSS

6.1AI Score

0.001EPSS

2022-11-11 07:15 PM
89
4
cve
cve

CVE-2022-34666

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of...

6.5CVSS

5.8AI Score

0.0004EPSS

2022-11-10 04:15 PM
38
8
cve
cve

CVE-2022-41113

Windows Win32 Kernel Subsystem Elevation of Privilege...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-11-09 10:15 PM
84
6
cve
cve

CVE-2022-38014

Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege...

7CVSS

6.9AI Score

0.0004EPSS

2022-11-09 10:15 PM
49
2
cve
cve

CVE-2022-27674

Insufficient validation in the IOCTL input/output buffer in AMD μProf may allow an attacker to bypass bounds checks potentially leading to a Windows kernel crash resulting in denial of...

7.5CVSS

7.4AI Score

0.001EPSS

2022-11-09 09:15 PM
27
8
cve
cve

CVE-2022-23831

Insufficient validation of the IOCTL input buffer in AMD μProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of...

7.5CVSS

7.4AI Score

0.001EPSS

2022-11-09 09:15 PM
31
6
cve
cve

CVE-2022-40747

"IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID:...

9.1CVSS

8.8AI Score

0.002EPSS

2022-11-03 08:15 PM
31
4
cve
cve

CVE-2022-40235

"IBM InfoSphere Information Server 11.7 could allow a user to cause a denial of service by removing the ability to run jobs due to improper input validation. IBM X-Force ID:...

6.5CVSS

6.2AI Score

0.001EPSS

2022-11-03 08:15 PM
45
3
cve
cve

CVE-2022-38712

"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID:...

5.9CVSS

5.5AI Score

0.001EPSS

2022-11-03 08:15 PM
50
4
cve
cve

CVE-2022-35717

"IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-"Force ID:...

7.8CVSS

7.7AI Score

0.0004EPSS

2022-11-03 08:15 PM
21
2
cve
cve

CVE-2022-35642

"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS

5.2AI Score

0.001EPSS

2022-11-03 08:15 PM
36
4
cve
cve

CVE-2022-30608

"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a "user that the website trusts. IBM X-Force ID:...

8.8CVSS

8.4AI Score

0.001EPSS

2022-11-03 08:15 PM
31
4
Total number of security vulnerabilities2875