| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
|
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
|
| An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. |
| A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. |
| A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. |
| A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. |
| Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability |
| Windows Installer Elevation of Privilege Vulnerability |
| Windows Digital Media Receiver Elevation of Privilege Vulnerability |
| Windows TCP/IP Driver Elevation of Privilege Vulnerability |
| Windows Hyper-V Denial of Service Vulnerability |
| Windows Kernel Information Disclosure Vulnerability |
| NTFS Set Short Name Elevation of Privilege Vulnerability |
| Windows Recovery Environment Agent Elevation of Privilege Vulnerability |
| Windows Remote Access Elevation of Privilege Vulnerability |
| Windows Setup Elevation of Privilege Vulnerability |
| Microsoft Message Queuing Information Disclosure Vulnerability |
| Storage Spaces Controller Information Disclosure Vulnerability |
| Windows Fax Service Remote Code Execution Vulnerability |
| Remote Desktop Client Remote Code Execution Vulnerability |
| Windows Event Tracing Remote Code Execution Vulnerability |
