PT-2023-1093 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a cryptographic information disclosure in Windows operating systems, which could allow an attacker to disclose protected information. This may enable the attacker to...

PT-2023-1229 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access control in the Win32k component of the Windows operating system, which can be exploited to elevate privileges. This could allow an attacker to...

PT-2023-1228 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a synchronization error, specifically a "race condition," in the Overlay Filter component of Windows operating systems. This can allow an attacker to gain unauthoriz...

CVE-2022-34683

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape, where a null-pointer dereference occurs, which may lead to denial of service...

CVE-2022-22746

A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.This bug only affects Firefox for Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird...

Microsoft Office Visio Remote Code Execution Vulnerability (CNVD-2022-89424)

Microsoft Office is a suite of office software developed by Microsoft Corporation based on the Windows operating system. Microsoft Office Visio is vulnerable to remote code execution. An attacker could exploit the vulnerability to execute code on the target host...

The vulnerability of the compatibility subsystem’s kernel allows for the execution of Linux applications on Windows operating systems through the Windows Subsystem for Linux (WSL2). This enables attackers to gain increased privileges.

The vulnerability of the compatibility subsystem’s kernel for running Linux applications, as provided by Windows Subsystem for Linux WSL2 on Windows operating systems, is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Secure Socket Tunneling Protocol (SSTP) implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Secure Socket Tunneling Protocol SSTP implementation in Windows operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted requests...

CVE-2022-44676

Windows Secure Socket Tunneling Protocol SSTP Remote Code Execution Vulnerability...

The vulnerability of the Advanced Local Procedure Call (ALPC) handler in the Windows operating system allows attackers to enhance their privileges within the system.

The vulnerability of the Advanced Local Procedure Call ALPC in the Windows operating system arises due to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Advanced Local Procedure Call (ALPC) handler in Microsoft Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the Advanced Local Procedure Call ALPC in Microsoft Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the TCP/IP protocol driver for Microsoft Windows operating systems, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the TCP/IP protocol driver for Microsoft Windows operating systems is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the Windows GDI component of the Windows operating system, which allows attackers to escalate their privileges

The vulnerability of the Windows GDI component of the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

The vulnerability of the Windows GDI+ interface on Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Windows GDI+ graphics device interfaces on Windows operating systems is related to insufficient protection of system data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information using a specially created malicious file...

The vulnerability of the Advanced Local Procedure Call (ALPC) handler in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the Advanced Local Procedure Call ALPC in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Point-to-Point Tunneling Protocol network protocol implementation in the Windows operating system allows a hacker to induce a service failure.

The vulnerability of the Point-to-Point Tunneling Protocol network protocol implementation in the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to remotely cause service failures...

The vulnerability of the Windows Resilient File System, a local file system for Windows operating systems, allows attackers to enhance their privileges.

The vulnerability of the Windows Resilient File System, a local file system for Windows operating systems, is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Overlay Filter component in the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Overlay Filter component in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2022-41113

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...