Lucene search
+L
MicrosoftWindows 11

573 matches found

CVE
CVE
added 2022/04/15 7:3 p.m.251 views

CVE-2022-24533

Technical details about CVE-2022-24533 (affected products, components, root cause, versions, fixes) are not provided in the connected documents. The available materials only reiterate a Remote Desktop Protocol RCE without specifics. Monitor for updates.

8.5CVSS8.9AI score0.05294EPSS
CVE
CVE
added 2022/03/09 5:8 p.m.246 views

CVE-2022-24507

CVE-2022-24507 concerns the Windows Ancillary Function Driver for WinSock, describing an elevation of privilege vulnerability. The connected records indicate the issue is tied to WinSock’s ancillary driver and classify the vulnerability with a high-impact profile (CVSS 3.1: LOCAL, LOW privileges ...

7.8CVSS8.1AI score0.03867EPSS
CVE
CVE
added 2022/07/12 10:37 p.m.245 views

CVE-2022-22038

CVE-2022-22038 is a Remote Procedure Call Runtime Remote Code Execution vulnerability. Connected sources note a POC exploit exists and that exploitation would require multiple attempts with high attack complexity, potentially over a network. The available documents do not specify affected product...

8.1CVSS8.5AI score0.02378EPSS
CVE
CVE
added 2022/03/09 5:8 p.m.245 views

CVE-2022-24525

CVE-2022-24525 is a Windows Update Stack Elevation of Privilege vulnerability affecting the Windows Update Stack. The available connected documents confirm a local, privilege-escalation flaw with a CVSSv3.1 base score of 7.0 (High) and Local attack vector, Independent of user interaction. Publicl...

7CVSS7.7AI score0.00426EPSS
CVE
CVE
added 2022/03/09 5:6 p.m.244 views

CVE-2022-23281

CVE-2022-23281 corresponds to a Windows Common Log File System Driver information-disclosure vulnerability. Connected sources describe it as an information leak in the CLFS driver, with CNVD noting “excessive data output” as the underlying issue. Impact is a confidentiality risk; CVSS metrics in ...

5.5CVSS6.6AI score0.01054EPSS
CVE
CVE
added 2021/12/15 2:15 p.m.241 views

CVE-2021-43207

Technical details (affected component, root cause, exploitability, and fixes) for CVE-2021-43207 are not provided in the connected documents. Only the vulnerability name and CVSS metrics are present. Monitor official disclosures for specifics.

7.8CVSS8.6AI score0.00632EPSS
In wild
CVE
CVE
added 2022/02/09 4:36 p.m.241 views

CVE-2022-21989

CVE-2022-21989 is a Windows Kernel elevation-of-privilege vulnerability. A local attacker can exploit it to escalate privileges and execute code at a higher integrity level, as indicated by Microsoft’s advisory and related coverage. Exploitation requires local access and may depend on additional ...

7.8CVSS7.7AI score0.03193EPSS
CVE
CVE
added 2022/03/09 5:7 p.m.241 views

CVE-2022-24460

Technical details for CVE-2022-24460 are not publicly provided in the supplied documents; no concrete affected product versions or remediation are specified. Monitor for updates.

7.6CVSS7.6AI score0.01943EPSS
CVE
CVE
added 2022/04/15 7:3 p.m.241 views

CVE-2022-24534

Technical details about CVE-2022-24534 are not publicly available in the provided documents. No explicit affected products, root cause, impact, or remediation are described here; monitor for updates.

7.5CVSS8.7AI score0.0179EPSS
CVE
CVE
added 2022/10/11 12:0 a.m.241 views

CVE-2022-37981

CVE-2022-37981 is a DoS vulnerability in Windows Event Logging Service. The CNVD entry states the denial arises from a failure to properly handle incoming error messages, enabling an attacker to cause DoS on the affected Windows component. Affected product is Windows Event Logging Service; impact...

4.3CVSS6.3AI score0.02005EPSS
CVE
CVE
added 2022/08/09 8:6 p.m.240 views

CVE-2022-35794

CVE-2022-35794 refers to a Windows SSTP (Secure Socket Tunneling Protocol) Remote Code Execution vulnerability. The connected sources confirm a vulnerability in the SSTP/Remote Access stack that can enable RCE via a race condition. An unauthenticated attacker could trigger this by sending a craft...

8.1CVSS9AI score0.01566EPSS
CVE
CVE
added 2022/05/10 8:33 p.m.239 views

CVE-2022-22019

Technical details for CVE-2022-22019 are not provided in the connected documents. Public details (affected products, exploit info, impact, remediation) are not present here. Monitor for official updates.

8.8CVSS9.4AI score0.02493EPSS
CVE
CVE
added 2022/03/09 5:7 p.m.238 views

CVE-2022-23287

CVE-2022-23287 is described in connected documents as a Windows ALPC elevation of privilege vulnerability. The core issue involves Local privilege escalation via ALPC in Windows; impact is reported as high for confidentiality, integrity, and availability (C/I/A). The CVSS data (3.1) from NVD indi...

7CVSS7.6AI score0.00558EPSS
CVE
CVE
added 2022/04/15 7:3 p.m.238 views

CVE-2022-24482

CVE-2022-24482 is a Windows ALPC Elevation of Privilege Vulnerability. The NVD entry shows a CVSS2 base score of 4.4 (LOCAL, medium) and a CVSS3.1 base score of 7.0 (LOCAL, HIGH, with HIGH confidentiality/integrity/availability impact). Connected sources confirm Windows as the affected platform a...

7CVSS8.1AI score0.00313EPSS
CVE
CVE
added 2022/07/12 10:36 p.m.237 views

CVE-2022-21845

Public technical details for CVE-2022-21845 are not present in the provided documents. Connected sources reference KBs and KEV listings but do not specify affected components, versions, root cause, or remediation. Monitor for updates.

4.7CVSS6.1AI score0.00677EPSS
CVE
CVE
added 2022/03/09 5:6 p.m.237 views

CVE-2022-22010

Technical details for CVE-2022-22010 are not publicly provided in the supplied documents. No concrete exploit vectors, affected products, or remediation are present here. Monitor for updates from official sources as more information becomes available.

5.5CVSS5.7AI score0.02445EPSS
CVE
CVE
added 2022/03/09 5:7 p.m.237 views

CVE-2022-23294

Technical details about CVE-2022-23294 are not publicly provided in the supplied documents. Monitor for updates.

8.8CVSS8.8AI score0.0222EPSS
CVE
CVE
added 2022/04/15 7:4 p.m.237 views

CVE-2022-26788

No concrete technical details about CVE-2022-26788 are provided in the connected documents. The initial entry only notes a PowerShell Elevation of Privilege vulnerability; monitor for updates in public advisories.

7.8CVSS8.6AI score0.00614EPSS
CVE
CVE
added 2022/08/26 12:0 a.m.236 views

CVE-2022-34303

CVE-2022-34303 describes a Secure Boot bypass in signed 3rd‑party UEFI bootloaders (Eurosoft) where an attacker can substitute the current signed bootloader with a malicious one to load unsigned code in the pre-boot phase. Access to the EFI System Partition is required to boot via external media,...

6.7CVSS8.2AI score0.00813EPSS
CVE
CVE
added 2022/07/12 10:36 p.m.235 views

CVE-2022-22024

CVE-2022-22024 is a Windows Fax Service Remote Code Execution vulnerability. Affected: Windows Fax Service on Windows OS. Root cause: unspecified in the provided docs, but described as a remote code execution vulnerability with network/local access vectors in the CVSS data. Impact: high (CVE metr...

7.8CVSS8.3AI score0.01991EPSS
CVE
CVE
added 2022/08/15 8:30 p.m.235 views

CVE-2022-35822

CVE-2022-35822 is a local security-bypass vulnerability affecting Windows Defender Credential Guard, with high impact to confidentiality and integrity and no availability impact. It requires low privileges and is exploitable with local access and no user interaction. The provided documents do not...

7.1CVSS6.7AI score0.00822EPSS
CVE
CVE
added 2022/07/12 10:37 p.m.234 views

CVE-2022-30223

CVE-2022-30223 affects Windows Hyper-V and is categorized as an information-disclosure vulnerability. The provided data indicate a Confidentiality impact (C) of High with no Integrity or Availability impact (I/N, A/N) and a Medium overall severity (CVSSv3.1 base score 5.7; AV:A, AC:L, PR:L, UI:N,...

5.7CVSS6.6AI score0.00831EPSS
CVE
CVE
added 2022/04/15 7:4 p.m.231 views

CVE-2022-24541

CVE-2022-24541 is described in the initial entry as a Windows Server Service Remote Code Execution vulnerability. Connected material explicitly associates the CVE with a Windows SMB-based remote code execution context, indicating the vulnerability affects the Windows Server service and can enable...

9.3CVSS9.4AI score0.02946EPSS
CVE
CVE
added 2022/03/09 5:7 p.m.230 views

CVE-2022-24454

Technical details for CVE-2022-24454 are not publicly provided in the supplied documents. No affected product/version/impact/fix details are present here. Monitor for updates.

7.8CVSS8.1AI score0.00604EPSS
CVE
CVE
added 2022/04/15 7:4 p.m.229 views

CVE-2022-24546

CVE-2022-24546 is a Windows elevation-of-privilege vulnerability in the DWM Core Library. The CNVD/CNNVD entries describe an incorrect programmatic call to a high-level native procedure in the DWM Core Library that could be exploited to gain higher privileges. The vulnerability is local, requires...

7.8CVSS8.6AI score0.00793EPSS
CVE
CVE
added 2022/05/10 8:33 p.m.228 views

CVE-2022-22013

Technical details about CVE-2022-22013 are not provided in the connected documents; no affected products, root cause, or fixes are specified here. Monitor for updates.

8.8CVSS9.4AI score0.0227EPSS
CVE
CVE
added 2022/04/15 7:5 p.m.228 views

CVE-2022-26903

Technical details about CVE-2022-26903 (affected components, root cause, impact, and fixes) are not provided in the supplied documents. Monitor for updates from Microsoft and CVE databases for official disclosures and remediation information.

9.3CVSS8.8AI score0.02516EPSS
CVE
CVE
added 2022/10/11 12:0 a.m.228 views

CVE-2022-38045

CVE-2022-38045 affects the Windows Server Service (Windows Server) and is categorized as an Elevation of Privilege vulnerability with a CVSSv3 base score of 8.8 (HIGH). The connected OpenVAS/NCSC entries corroborate that this CVE is associated with Windows components and is listed among Microsoft...

8.8CVSS8.6AI score0.0204EPSS
CVE
CVE
added 2022/08/09 7:58 p.m.227 views

CVE-2022-35771

Technical details about CVE-2022-35771 are not provided in the supplied documents; the initial entry lacks affected products, root cause, impact, or remediation information. Monitor for official updates.

7.8CVSS8.6AI score0.00777EPSS
CVE
CVE
added 2022/04/15 7:2 p.m.226 views

CVE-2022-22008

CVE-2022-22008 is a Windows Hyper-V Remote Code Execution vulnerability. Connected sources confirm it affects Microsoft Windows Hyper-V and is a local-vector, post-exploitation risk class with potential for arbitrary code execution via Hyper-V components. The CNVD entry describes a competitive co...

7.8CVSS8.8AI score0.004EPSS
CVE
CVE
added 2022/05/10 8:33 p.m.225 views

CVE-2022-22015

Technical details about CVE-2022-22015 are not provided in the connected documents. The MSKB entries listed pertain to OS/security updates but do not disclose affected RDP components, exploit specifics, or patch details for this CVE. Monitor for updates.

6.5CVSS7.7AI score0.02369EPSS
CVE
CVE
added 2022/05/10 8:34 p.m.224 views

CVE-2022-29132

Technical details about CVE-2022-29132 (Windows Print Spooler elevation) are not provided in the supplied documents. No affected product/version or remediation is specified here. Monitor for official updates.

7.8CVSS8.6AI score0.00666EPSS
CVE
CVE
added 2022/06/15 9:51 p.m.224 views

CVE-2022-30139

CVE-2022-30139 is an LDAP Remote Code Execution vulnerability in Windows LDAP/AD environments. The exploitability relies on a misconfiguration: the MaxReceiveBuffer policy for LDAP must be set higher than the default for the vulnerability to be exploitable. Some LDAP RCE variants (including CVE-2...

7.5CVSS8.2AI score0.02116EPSS
CVE
CVE
added 2022/05/10 8:33 p.m.223 views

CVE-2022-26913

CVE-2022-26913 is a Windows authentication information-disclosure vulnerability. The available connected data identifies affected software broadly as Windows operating systems and notes exploitation would involve information disclosure through the Windows authentication process. Public documentat...

7.4CVSS8.2AI score0.02309EPSS
CVE
CVE
added 2022/05/10 8:34 p.m.223 views

CVE-2022-29126

Technical details for CVE-2022-29126 are not provided in the supplied documents; no affected products, root cause, or remediation are specified here. Monitor for updates from the referenced sources.

7CVSS8.1AI score0.006EPSS
CVE
CVE
added 2022/06/15 9:51 p.m.223 views

CVE-2022-30141

CVE-2022-30141 is listed as one of seven high‑level LDAP remote code execution vulnerabilities disclosed for Windows LDAP during Patch Tuesday 2022. The linked Avleonov post explicitly groups CVE-2022-30141 among Windows LDAP RCEs and notes that for three LDAP CVEs (including this one) an affecte...

9.3CVSS8.5AI score0.02346EPSS
CVE
CVE
added 2021/10/13 12:26 a.m.221 views

CVE-2021-26441

CVE-2021-26441 is a local-elevation vulnerability in the Storage Spaces Controller. CVSSv3.1 base 7.8 (HIGH): LOCAL vector, LOW privileges required, no user interaction; impacts on confidentiality, integrity, and availability are High. The provided documents do not specify affected product/versio...

7.8CVSS7.9AI score0.00922EPSS
CVE
CVE
added 2022/01/11 8:22 p.m.221 views

CVE-2022-21874

CVE-2022-21874 is a Windows Security Center API RCE vulnerability. Public details in the connected documents describe it as an RCE in the Windows Security Center API with a CVSS v3.1 base score of 7.8 (High) and a Local attack vector requiring user interaction for exploitation. Exploitation conte...

10CVSS8.9AI score0.02343EPSS
CVE
CVE
added 2022/04/15 7:2 p.m.221 views

CVE-2022-21983

CVE-2022-21983 is a Win32 Stream Enumeration Remote Code Execution vulnerability. The connected sources show an in-scope CVE with a network attack vector and high impact: CVSSv3.1 base score 7.5 (HIGH), with no authentication (NONE) and user interaction required (REQUIRED); confidentiality, integ...

7.5CVSS8.7AI score0.01936EPSS
CVE
CVE
added 2022/01/11 8:22 p.m.220 views

CVE-2022-21893

Technical details about CVE-2022-21893 are not provided in the connected documents. The supplied sources include high-level vulnerability descriptions and update references, but no specifics on affected products/versions or fixes. Monitor for updated, concrete disclosures.

8.5CVSS8.9AI score0.06793EPSS
CVE
CVE
added 2022/08/09 7:55 p.m.218 views

CVE-2022-34714

Technical details about CVE-2022-34714 are not provided in the attached documents. The connected items do not describe affected products, root cause, impact, or remediation for this CVE. Monitor for updates.

8.1CVSS9AI score0.01609EPSS
CVE
CVE
added 2022/02/09 4:36 p.m.217 views

CVE-2022-21984

CVE-2022-21984 is a Windows DNS Server Remote Code Execution vulnerability. The issue affects Windows DNS Server when dynamic updates are enabled, potentially allowing an attacker to take over the DNS server and execute code with elevated privileges. Mitigation in the provided documents points to...

8.8CVSS8.8AI score0.04797EPSS
CVE
CVE
added 2022/08/09 7:58 p.m.217 views

CVE-2022-35769

Technical details for CVE-2022-35769 (Windows PPP DoS) are not provided in the supplied documents. No affected product/version or remediation is described here. Monitor for updates from Microsoft and Vulners for confirmed specifics.

7.5CVSS8.4AI score0.01973EPSS
CVE
CVE
added 2022/08/09 8:6 p.m.216 views

CVE-2022-35792

Technical details (affected product/versions, root cause, exploit information, and remediation) are not provided in the connected documents for CVE-2022-35792. Monitor for updates.

7.8CVSS8.6AI score0.00592EPSS
CVE
CVE
added 2022/12/13 12:0 a.m.216 views

CVE-2022-44707

Technical details about CVE-2022-44707 are not provided in the supplied documents. The connected set does not describe affected products/versions or remediation; monitor for updates.

6.5CVSS7AI score0.02544EPSS
CVE
CVE
added 2022/03/09 5:7 p.m.215 views

CVE-2022-23297

CVE-2022-23297 is described as Windows NT LAN Manager Datagram Receiver Driver Information Disclosure Vulnerability. According to the initial entry, it has a CVSSv3.1 base score of 5.5 (MEDIUM) with LOCAL attack vector, LOW attack complexity, and LOW privileges required, causing HIGH confidential...

5.5CVSS6.6AI score0.00733EPSS
CVE
CVE
added 2022/08/09 12:0 a.m.215 views

CVE-2022-34704

CVE-2022-34704 is a Windows Defender Credential Guard Information Disclosure vulnerability. The CVSS‑3.1 base score is 4.7 (Medium) with Local attack vector, HIGH attack complexity, LOW privileges required, and NONE user interaction. Confidentiality impact is HIGH; integrity and availability are ...

4.7CVSS6.5AI score0.01183EPSS
CVE
CVE
added 2022/04/15 7:5 p.m.214 views

CVE-2022-26831

CVE-2022-26831 : Windows LDAP Denial of Service vulnerability. The vulnerability is described as a Windows LDAP DoS issue with a Network attack vector (no user interaction) and a high-impact on availability (per CVSS v3.1: 7.5, HIGH; CVSS v2: 5.0, MEDIUM). Connected sources confirm the Windows LD...

7.5CVSS8.4AI score0.02973EPSS
CVE
CVE
added 2022/01/11 8:22 p.m.212 views

CVE-2022-21857

Technical details for CVE-2022-21857 (Active Directory Domain Services Elevation of Privilege) are not provided in the connected documents. The initial description confirms AD DS Elevation of Privilege, but no affected product versions, root cause, impact, or fixes are included here. Monitor for ...

9CVSS9.1AI score0.02496EPSS
CVE
CVE
added 2022/03/09 5:6 p.m.212 views

CVE-2022-23253

CVE-2022-23253 is a Windows PPTP Denial of Service vulnerability. The records show it has a CVSS v3.1 base score of 6.5 (Network, Low attack complexity, Privileges Low, No user interaction) with HIGH availability impact. Concrete details about affected products, versions, or exploit activity are ...

6.5CVSS7.3AI score0.56376EPSS
Total number of security vulnerabilities573