Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-37965 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2022-10-12 | N/A | 5.9 MEDIUM |
| Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. | |||||
| CVE-2022-37987 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-12 | N/A | 7.8 HIGH |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37989. | |||||
| CVE-2022-37993 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-12 | N/A | 7.8 HIGH |
| Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37994, CVE-2022-37999. | |||||
| CVE-2022-35770 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-12 | N/A | 6.5 MEDIUM |
| Windows NTLM Spoofing Vulnerability. | |||||
| CVE-2022-34689 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-12 | N/A | 7.5 HIGH |
| Windows CryptoAPI Spoofing Vulnerability. | |||||
| CVE-2022-33645 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-12 | N/A | 7.5 HIGH |
| Windows TCP/IP Driver Denial of Service Vulnerability. | |||||
| CVE-2022-33635 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-12 | N/A | 7.8 HIGH |
| Windows GDI+ Remote Code Execution Vulnerability. | |||||
| CVE-2022-37990 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-12 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039. | |||||
| CVE-2022-37996 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2022-10-12 | N/A | 5.5 MEDIUM |
| Windows Kernel Memory Information Disclosure Vulnerability. | |||||
| CVE-2019-7061 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2022-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | |||||
| CVE-2022-37994 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-12 | N/A | 7.8 HIGH |
| Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37993, CVE-2022-37999. | |||||
| CVE-2022-37995 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2022-10-12 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039. | |||||
| CVE-2022-41744 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-10-11 | N/A | 7.0 HIGH |
| A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection integrated component could allow a local attacker to escalate privileges and turn a specific working directory into a mount point on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2022-41745 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-10-11 | N/A | 7.0 HIGH |
| An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2022-41746 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-10-11 | N/A | 9.1 CRITICAL |
| A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to the Apex One console on affected installations to escalate privileges and modify certain agent groupings. Please note: an attacker must first obtain the ability to log onto the Apex One web console in order to exploit this vulnerability. | |||||
| CVE-2022-41748 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-10-11 | N/A | 6.7 MEDIUM |
| A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP) module could allow a local attacker with administrative credentials to bypass certain elements of the product's anti-tampering mechanisms on affected installations. Please note: an attacker must first obtain administrative credentials on the target system in order to exploit this vulnerability. | |||||
| CVE-2022-41747 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-10-11 | N/A | 7.8 HIGH |
| An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2022-41749 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-10-11 | N/A | 7.8 HIGH |
| An origin validation error vulnerability in Trend Micro Apex One agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2022-39959 | 2 Microsoft, Panini | 2 Windows, Everest Engine | 2022-10-11 | N/A | 7.8 HIGH |
| Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads to privilege escalation because a service, running as SYSTEM, uses the unquoted path of %PROGRAMDATA%\Panini\Everest Engine\EverestEngine.exe and therefore a Trojan horse %PROGRAMDATA%\Panini\Everest.exe may be executed instead of the intended vendor-supplied EverestEngine.exe file. | |||||
| CVE-2022-26236 | 2 Beckmancoulter, Microsoft | 2 Remisol Advance, Windows | 2022-10-11 | N/A | 5.5 MEDIUM |
| The default privileges for the running service Normand Remisol Advance Launcher in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data. | |||||