Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-22305 |
Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. Published: November 14, 2023; 2:15:16 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-22292 |
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access. Published: November 14, 2023; 2:15:16 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-22290 |
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access. Published: November 14, 2023; 2:15:16 PM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-22285 |
Improper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access. Published: November 14, 2023; 2:15:16 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-46647 |
Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. Published: November 14, 2023; 2:15:15 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-46646 |
Exposure of sensitive information to an unauthorized actor for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. Published: November 14, 2023; 2:15:15 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-46301 |
Improper Initialization for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. Published: November 14, 2023; 2:15:14 PM -0500 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2022-46299 |
Insufficient control flow management for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. Published: November 14, 2023; 2:15:14 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-46298 |
Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. Published: November 14, 2023; 2:15:14 PM -0500 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2022-45469 |
Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access. Published: November 14, 2023; 2:15:14 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-45109 |
Improper initialization for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. Published: November 14, 2023; 2:15:14 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-43666 |
Exposure of sensitive system information due to uncleared debug information for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. Published: November 14, 2023; 2:15:14 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-43477 |
Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. Published: November 14, 2023; 2:15:13 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-36396 |
Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmiEdit-Linux-5.27.06.0017 may allow a privileged user to potentially enable escalation of privilege via local access. Published: November 14, 2023; 2:15:12 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2022-36374 |
Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privileged user to potentially enable escalation of privilege via local access. Published: November 14, 2023; 2:15:12 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-6006 |
This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must be able to write into the local C Drive. In addition, the attacker must have admin privileges to enable Print Archiving or encounter a misconfigured system. This vulnerability does not apply to PaperCut NG installs that have Print Archiving enabled and configured as per the recommended set up procedure. This specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM Published: November 13, 2023; 11:15:07 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-45284 |
On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local. Published: November 09, 2023; 12:15:08 PM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-45283 |
The filepath package does not recognize paths with a \??\ prefix as special. On Windows, a path beginning with \??\ is a Root Local Device path equivalent to a path beginning with \\?\. Paths with a \??\ prefix may be used to access arbitrary locations on the system. For example, the path \??\c:\x is equivalent to the more common path c:\x. Before fix, Clean could convert a rooted path such as \a\..\??\b into the root local device path \??\b. Clean will now convert this to .\??\b. Similarly, Join(\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \??\b. Join will now convert this to \.\??\b. In addition, with fix, IsAbs now correctly reports paths beginning with \??\ as absolute, and VolumeName correctly reports the \??\ prefix as a volume name. UPDATE: Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the volume name in Windows paths starting with \?, resulting in filepath.Clean(\?\c:) returning \?\c: rather than \?\c:\ (among other effects). The previous behavior has been restored. Published: November 09, 2023; 12:15:08 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-4891 |
A potential use-after-free vulnerability was reported in the Lenovo View driver that could result in denial of service. Published: November 08, 2023; 5:15:11 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-47113 |
BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.4.2 is vulnerable to a DLL Hijacking vulnerability. By placing a DLL in the Folder c:\DLLs, an attacker can run arbitrary code on every execution of BleachBit for Windows. This issue has been patched in version 4.5.0. Published: November 08, 2023; 5:15:10 PM -0500 |
V3.1: 7.3 HIGH V2.0:(not available) |