| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| DHCP Server Service Denial of Service Vulnerability |
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
|
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulnerability exists that could cause arbitrary file deletion upon service restart when accessed by
a local and low-privileged attacker.
|
| Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS. |
|
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.Â
|
|
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
|
| A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. |
| A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. |
| A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. |
| Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability |
| Windows Installer Elevation of Privilege Vulnerability |
| Windows Digital Media Receiver Elevation of Privilege Vulnerability |
| Windows TCP/IP Driver Elevation of Privilege Vulnerability |
| Windows Hyper-V Denial of Service Vulnerability |
| Windows Kernel Information Disclosure Vulnerability |
| NTFS Set Short Name Elevation of Privilege Vulnerability |
| Windows Recovery Environment Agent Elevation of Privilege Vulnerability |
