Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-20564 |
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution. Published: August 15, 2023; 6:15:11 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-20560 |
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service. Published: August 15, 2023; 6:15:09 PM -0400 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2022-44702 |
Windows Terminal Remote Code Execution Vulnerability Published: December 13, 2022; 2:15:14 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-33973 |
Improper access control in the Intel(R) WAPI Security software for Windows 10/11 before version 22.2150.0.1 may allow an authenticated user to potentially enable information disclosure via local access. Published: November 11, 2022; 11:15:15 AM -0500 |
V3.1: 3.3 LOW V2.0:(not available) |
CVE-2022-34303 |
A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. Published: August 26, 2022; 2:15:09 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2022-34302 |
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. Published: August 26, 2022; 2:15:09 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2022-34301 |
A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. Published: August 26, 2022; 2:15:09 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2022-30147 |
Windows Installer Elevation of Privilege Vulnerability Published: June 15, 2022; 6:15:13 PM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2022-30142 |
Windows File History Remote Code Execution Vulnerability Published: June 15, 2022; 6:15:13 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2022-30132 |
Windows Container Manager Service Elevation of Privilege Vulnerability Published: June 15, 2022; 6:15:13 PM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2022-32230 |
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. Published: June 14, 2022; 6:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2022-24508 |
Win32 File Enumeration Remote Code Execution Vulnerability Published: March 09, 2022; 12:15:15 PM -0500 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2022-24507 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Published: March 09, 2022; 12:15:15 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2021-33114 |
Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an authenticated user to potentially enable denial of service via adjacent access. Published: February 09, 2022; 6:15:15 PM -0500 |
V3.1: 5.7 MEDIUM V2.0: 2.7 LOW |
CVE-2021-33113 |
Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. Published: February 09, 2022; 6:15:15 PM -0500 |
V3.1: 8.1 HIGH V2.0: 4.8 MEDIUM |
CVE-2021-33110 |
Improper input validation for some Intel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Published: February 09, 2022; 6:15:15 PM -0500 |
V3.1: 6.5 MEDIUM V2.0: 3.3 LOW |
CVE-2022-21883 |
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Published: January 11, 2022; 4:15:11 PM -0500 |
V3.1: 7.5 HIGH V2.0: 7.1 HIGH |
CVE-2021-43227 |
Storage Spaces Controller Information Disclosure Vulnerability Published: December 15, 2021; 10:15:09 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-43226 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability Published: December 15, 2021; 10:15:09 AM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2021-43224 |
Windows Common Log File System Driver Information Disclosure Vulnerability Published: December 15, 2021; 10:15:09 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |