573 matches found
CVE-2021-40449
CVE-2021-40449 is a Win32k use-after-free local privilege escalation in GreResetDCInternal. The vulnerability arises when a user‑mode callback hook on the driver’s PDEV path (DrvEnablePDEV) can trigger a subsequent ResetDC call, freeing the original device context and causing a kernel‑mode use‑af...
CVE-2022-21907
CVE-2022-21907 concerns the HTTP Protocol Stack (http.sys) in Windows, enabling remote code execution via specially crafted packets. Public documentation and PoCs indicate impact on Windows 10 (notably 2004) and Windows Server variants, with multiple exploits and PoCs surfacing publicly. Mitigati...
CVE-2023-21768
CVE-2023-21768 affects the Windows Ancillary Function Driver for WinSock (afd.sys). The vulnerability stems from a flaw in AfdNotifyRemoveIoCompletion, enabling a local privilege escalation to SYSTEM by manipulating I/O ring structures. Documented impact shows LPE on Windows 11 22H2 up to build 2...
CVE-2022-26809
CVE-2022-26809 is a Windows RPC Runtime Remote Code Execution vulnerability. Public material in the connected documents indicates an unauthenticated remote attacker can trigger code execution by sending a crafted RPC call, with the real vulnerability located in OSF_CASSOCIATION::ProcessBindAckOrN...
CVE-2023-21752
CVE-2023-21752 is a Windows Backup Service Elevation of Privilege vulnerability affecting Windows 11 (build 10.0.22000). Exploitation is possible to gain SYSTEM privileges, potentially delete data or render the service unavailable. A public PoC and details exist (Exploit-DB entry: Windows 11 10.0...
CVE-2022-29130
Technical details about CVE-2022-29130 are not provided in the connected documents. Publicly available information in the initial entry is limited to high‑level descriptors; no product/version/impact/fix specifics are included here. Monitor for official updates.
CVE-2022-30209
Technical details (affected products, exploit vector, root cause, and remediation) are not provided in the supplied documents. Monitor for updates from official sources.
CVE-2022-32230
CVE-2022-32230 affects Microsoft Windows SMBv3 prior to the April 2022 patch set. A malformed FileNormalizedNameInformation SMBv3 request sent over a named pipe can trigger a null pointer dereference in the Windows kernel, resulting in a Blue Screen of Death (BSOD) and reboot of the SMBv3 server....
CVE-2022-24508
CVE-2022-24508 is a Windows SMBv3 client/server remote code execution vulnerability. The issue resides in the SMBv3 compression feature introduced in newer Windows builds and can enable code execution on a vulnerable system when exploited over a network. Exploitation requires authentication and c...
CVE-2022-22012
Technical details about CVE-2022-22012 are not publicly provided in the connected documents. The materials mention updates and mitigations but do not specify affected products/versions or remediation for this CVE. Monitor for updates.
CVE-2022-21990
CVE-2022-21990 — Remote Desktop Client RCE . The connected sources confirm a remote code execution vulnerability in the Windows Remote Desktop Client triggered when a user connects to a malicious RDP server. This is a client-side flaw exploited via a crafted server, enabling code execution on the...
CVE-2022-21894
CVE-2022-21894 is a Secure Boot security feature bypass exploited by the BlackLotus UEFI bootkit. It bypasses Secure Boot to load malicious EFI components, enabling persistence, disabling HVCI and Defender, and prior to OS load. Attack requires elevated privileges or physical access; bootkit impl...
CVE-2022-22048
Technical details about CVE-2022-22048 are not publicly provided in the supplied documents. No affected products, root cause, impact, or fixes are included here. Monitor for updates.
CVE-2022-24481
CVE-2022-24481 is a Windows Common Log File System Driver elevation-of-privilege vulnerability. The connected exploit reports describe a memory/counterpart corruption involving CLFS_CONTAINER_CONTEXT.pContainer that can be triggered from CClfsContainer::Close by modifying CLFS_BASE_RECORD_HEADER....
CVE-2022-24503
CVE-2022-24503 is a Remote Desktop Protocol Client Information Disclosure vulnerability. Connected sources indicate it affects Windows Remote Desktop Client and can be triggered over the network with no authentication and no user interaction, exposing partial confidentiality (C:L). The issue is t...
CVE-2022-21887
CVE-2022-21887 is a Win32k local elevation-of-privilege vulnerability in Windows. Public advisories indicate it affects Win32k and can enable attackers to escalate privileges on a vulnerable system. Public exploits have been reported for this CVE. Microsoft mitigation involves installing the Janu...
CVE-2022-26928
Technical details about CVE-2022-26928 are not publicly provided in the supplied documents. The entries only label it as a Windows Photo Import API elevation-of-privilege issue. Monitor for updates from Microsoft/NVD for remediation and impact.
CVE-2022-34721
CVE-2022-34721 is a Windows Internet Key Exchange (IKE) Protocol Extensions remote code execution vulnerability. The issue affects Windows systems with IPSec enabled and is exploitable via specially crafted IP packets targeting IKEv1 (IKEv2 is not affected). The flaw could allow an unauthenticate...
CVE-2022-30133
Technical details about CVE-2022-30133 (affected product, exploit, impact, fix) are not provided in the supplied documents. Monitor for official updates from Microsoft for patch information and vulnerable components.
CVE-2022-30170
Technical details about CVE-2022-30170 are not provided in the supplied documents. The connected sources reference related Credential Roaming issues and general Windows security updates, but no specific vulnerability details, affected products, or fixes are disclosed here. Monitor for updates.
CVE-2022-22049
CVE-2022-22049 is a Windows CSRSS (Client Server Run-time Subsystem) Elevation of Privilege vulnerability. The entry lists a CVSS v2 base score of 7.2 (HIGH) and CVSS v3.1 base score of 7.8 (HIGH), with LOCAL attack vector, LOW attack complexity, and privileges required as LOW; no user interactio...
CVE-2022-24505
CVE-2022-24505 is a Windows ALPC Elevation of Privilege vulnerability. The connected sources confirm a local privilege escalation in the Windows ALPC mechanism, enabling an attacker with local access to obtain high/ SYSTEM-like privileges. The NVD/CVSS data show a CVSS 3.1 base score of 7.0 (HIGH...
CVE-2022-22017
CVE-2022-22017 is a Remote Desktop Client RCE vulnerability affecting Windows clients. The attack requires a user to connect to a malicious RDP server; on connection, code can be executed on the victim’s system with the user’s privileges. Public patch guidance is available via Microsoft KBs (KB50...
CVE-2022-21972
CVE-2022-21972 is a Windows PPTP VPN component remote code execution vulnerability caused by use-after-free handling of PPTP packets. The connected advisory states a remote code execution vulnerability exists in Windows VPN due to improper PPTP packet handling, i.e., PPTP protocol use after free....
CVE-2022-24500
CVE-2022-24500 is a Windows SMB Remote Code Execution vulnerability. Connected exploit posts provide concrete steps and code to launch a Windows SMB-based RCE, requiring the target to interact with a malicious server/share over SMB (port 445). The GitHub exploits illustrate an end-to-end chain (d...
CVE-2022-24491
CVE-2022-24491 is a Remote Code Execution flaw in Windows Network File System (NFS) that is exploitable only on systems with the NFS role enabled. Affected component is the Windows NFS protocol handling; the root cause is remote code execution via specially crafted NFS network messages. Public pa...
CVE-2022-21977
Technical details about CVE-2022-21977 (Media Foundation Information Disclosure Vulnerability) are not provided in the supplied documents. No concrete affected products, versions, or remediation are stated here; monitor official sources for updates and disclosures.
CVE-2022-24528
CVE-2022-24528 is a Remote Code Execution vulnerability in Windows RPC Runtime. It is a network-exposed issue affecting the Windows RPC runtime, with a high-severity impact (C/H/I/A: high) per CVSS v3.1 (8.8) and a medium base score (6.8) in CVSS v2. The CVSS v3.1 vector indicates network access,...
CVE-2022-24547
CVE-2022-24547 matches the Windows Digital Media Receiver Elevation of Privilege vulnerability. Connected CNVD-2022-65611 describes an elevation of privilege in Microsoft Windows Digital Media Receiver caused by an incorrect programmatic call to an advanced local procedure. The CVE entry lists th...
CVE-2022-26931
CVE-2022-26931 is a Windows Kerberos elevation-of-privilege issue tied to certificate-to-account mapping changes in Active Directory. Microsoft KBs and Citrix documents describe remediation via certificate-mapping updates (e.g., KB5014754 and related out‑of‑band mitigations) to address how certif...
CVE-2022-24545
Technical details about CVE-2022-24545 (affected product/versions/root cause/exploitability) are not provided in the supplied connected documents. Monitor for updates from official advisories for concrete information and remediation guidance.
CVE-2023-21746
CVE-2023-21746 is a Windows NTLM elevation of privilege vulnerability. A GitHub exploit module for LocalPotato CVE-2023-21746 suggests a Windows-based target, with hints of buffer overflow/memory corruption as the likely root cause and that the exploit may be invoked via an exploit.py script in a...
CVE-2021-43217
CVE-2021-43217 is a Windows Encrypting File System (EFS) remote code execution vulnerability. The connected exploit document documents a practical demonstration of an EFS bypass on Windows 10 and shows use of Kali Linux, Metasploit and reverse TCP payloads, indicating an attacker could achieve co...
CVE-2022-24497
CVE-2022-24497 is a Windows Network File System (NFS) Remote Code Execution vulnerability. Exploitation can occur remotely over the network if NFS is enabled; Microsoft rated it Critical (CVSS v3.1 9.8) with wormable characteristics discussed in Patch Tuesday coverage. There is a public exploit/t...
CVE-2022-23293
Technical details for CVE-2022-23293 are not publicly available in the provided Connected documents. Monitor for updates.
CVE-2022-29116
Technical details for CVE-2022-29116 are not provided in the supplied connected documents. Public disclosures exist, but this set does not include affected products/versions, root cause, exploit info, or fixes. Monitor official MSRC/MSKB updates for details.
CVE-2022-23284
Technical details for CVE-2022-23284 (affected product, root cause, impact, and fix) are not publicly available in the provided Connected documents. Monitor for updates from official sources.
CVE-2022-21967
Technical details about CVE-2022-21967 are not publicly provided in the supplied documents. Monitor for updates from official sources for affected products, impact, and remediation information.
CVE-2022-30216
CVE-2022-30216 is a Windows Server Service Tampering vulnerability caused by an off-by-one error in the Windows Server Service, enabling authentication coercion that, per Akamai, could lead to domain controller access. Public writeups describe the issue as affecting Windows Server/Server Service ...
CVE-2022-30138
Technical details for CVE-2022-30138 are not provided in the supplied documents. The records mention Windows Print Spooler elevation of privilege but do not specify affected products/versions, root cause, exploit information, or fixes. Monitor for updates.
CVE-2021-43883
CVE-2021-43883 is a Windows Installer Elevation of Privilege vulnerability. The Windows Installer component can be abused when a user is tricked into installing a malicious package, enabling an attacker to gain elevated privileges on the system. The CVSS details in the provided data show a local ...
CVE-2022-34691
CVE-2022-34691 is referenced in connected Citrix and Windows update documentation. Citrix CTX479236 summarizes FAS information tying CVE-2022-34691 to Microsoft KB KB5014754 and related CVEs, describing SSO/Kerberos-related behaviors with VDA and smart card authentication failures when FAS is inv...
CVE-2022-30160
CVE-2022-30160 is a Windows ALPC (Advanced Local Procedure Call) Elevation of Privilege vulnerability. The connected documents identify the issue as a local, low-complexity privilege escalation with no required user interaction and high impact on confidentiality, integrity, and availability (per ...
CVE-2022-41099
CVE-2022-41099 is a BitLocker security feature bypass related to Windows Recovery Environment (WinRE). The connected Nessus/KB entries confirm WinRE-specific remediation: devices must update the WinRE partition (via Microsoft KBs tied to KB5025175, KB5022291, KB5022303, KB5022289, etc.) because i...
CVE-2022-21849
CVE-2022-21849 is a remote code execution vulnerability in Windows IKE Extension. The IDS/attack surface centers on the IPSec/IKE service; a remote attacker could trigger multiple vulnerabilities when the IPSec service is running, without authentication. Public details in connected documents iden...
CVE-2022-30221
CVE-2022-30221 is a Windows Graphics Component remote code execution vulnerability. The cited sources indicate exploitation requires a user to connect to a malicious RDP server, enabling code execution in the context of the targeted user. Remediation is via Microsoft’s July 2022 security updates ...
CVE-2022-44710
CVE-2022-44710: DirectX Graphics Kernel Elevation of Privilege vulnerability in Windows, reportedly exploitable via a race condition and requiring local access with low privileges; CVSS v3.1 base score 7.8 (HIGH). Patch guidance is to install the relevant Windows updates (as per December 2022 Pat...
CVE-2022-21974
CVE-2022-21974 corresponds to Microsoft Roaming Security Rights Management Services remote code execution. Connected sources corroborate a user-assisted scenario where exploitation involves opening a malicious RTF file in Microsoft Word, implying phishing-like delivery. The AVLEONOV post explicit...
CVE-2022-24459
CVE-2022-24459 is an Elevation of Privilege in Windows Fax and Scan service. Connected sources note a PoC exploit exists and that Microsoft patched vulnerabilities in March 2022 Patch Tuesday, but no concrete product/version/fix details are provided in the documents.
CVE-2022-22038
CVE-2022-22038 is a Remote Procedure Call Runtime Remote Code Execution vulnerability. Connected sources note a POC exploit exists and that exploitation would require multiple attempts with high attack complexity, potentially over a network. The available documents do not specify affected product...