EUVD-2022-44002

Malicious code in bioql PyPI...

EUVD-2022-44001

Malicious code in bioql PyPI...

CVE-2022-40732

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboo...

CVE-2022-40732

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboo...

CVE-2022-40732

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboo...

CVE-2022-40733

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboo...

CVE-2022-40733

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboo...

CVE-2022-40733

CVE-2022-40733 is a kernel vulnerability in Windows DirectComposition via the win32kbase.sys driver. The TALOS report details a NULL pointer dereference in DirectComposition GetWeakReferenceBase due to a mis-managed weak-reference flag in the resource marshaler lifecycle, triggered when certain f...

CVE-2022-40733

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboo...

CVE-2022-40733

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboo...

CVE-2022-40732

CVE-2022-40732 affects Microsoft Windows DirectComposition in the win32kbase.sys driver (Windows 11 10.0.22000.593; Windows Server 2022 10.0.20348.643). Talos details a NULL pointer dereference in DirectComposition::CCompositionSurfaceBitmapMarshaler when setting integer property 0x3, which leads...

CVE-2022-40732

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboo...

CVE-2022-40732

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboo...

PT-2024-11634 · Microsoft · Windows 11 +1

Name of the Vulnerable Software and Affected Versions: Windows 11 version 10.0.22000.593 Windows Server 2022 version 10.0.20348.643 Description: An access violation vulnerability exists in the DirectComposition functionality of the win32kbase.sys driver. A specially-crafted set of syscalls can le...

(0Day) Microsoft Windows DirectComposition Out-Of-Bounds Read Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

(0Day) Microsoft Windows DirectComposition Null Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

(Pwn2Own) Microsoft Windows DirectComposition Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within DirectComposition...

Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1514 Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability August 16, 2022 CVE Number CVE-2022-40732 SUMMARY An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver...

Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1515 Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability August 16, 2022 CVE Number CVE-2022-40733 SUMMARY An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version...

Microsoft Windows DirectComposition Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...