| Tag |
CVE ID |
CVE Title |
Severity |
| Active Directory Domain Services |
CVE-2022-38042 |
Active Directory Domain Services Elevation of Privilege Vulnerability |
Important |
| Azure |
CVE-2022-38017 |
StorSimple 8000 Series Elevation of Privilege Vulnerability |
Important |
| Azure Arc |
CVE-2022-37968 |
Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability |
Critical |
| Client Server Run-time Subsystem (CSRSS) |
CVE-2022-37987 |
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability |
Important |
| Client Server Run-time Subsystem (CSRSS) |
CVE-2022-37989 |
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability |
Important |
| Microsoft Edge (Chromium-based) |
CVE-2022-3311 |
Chromium: CVE-2022-3311 Use after free in Import |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-3313 |
Chromium: CVE-2022-3313 Incorrect security UI in Full Screen |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-3315 |
Chromium: CVE-2022-3315 Type confusion in Blink |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-3370 |
Chromium: CVE-2022-3370 Use after free in Custom Elements |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-3373 |
Chromium: CVE-2022-3373 Out of bounds write in V8 |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-3316 |
Chromium: CVE-2022-3316 Insufficient validation of untrusted input in Safe Browsing |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-3317 |
Chromium: CVE-2022-3317 Insufficient validation of untrusted input in Intents |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-3310 |
Chromium: CVE-2022-3310 Insufficient policy enforcement in Custom Tabs |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-3304 |
Chromium: CVE-2022-3304 Use after free in CSS |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-41035 |
Microsoft Edge (Chromium-based) Spoofing Vulnerability |
Moderate |
| Microsoft Edge (Chromium-based) |
CVE-2022-3308 |
Chromium: CVE-2022-3308 Insufficient policy enforcement in Developer Tools |
Unknown |
| Microsoft Edge (Chromium-based) |
CVE-2022-3307 |
Chromium: CVE-2022-3307 Use after free in Media |
Unknown |
| Microsoft Graphics Component |
CVE-2022-37986 |
Windows Win32k Elevation of Privilege Vulnerability |
Important |
| Microsoft Graphics Component |
CVE-2022-38051 |
Windows Graphics Component Elevation of Privilege Vulnerability |
Important |
| Microsoft Graphics Component |
CVE-2022-37997 |
Windows Graphics Component Elevation of Privilege Vulnerability |
Important |
| Microsoft Graphics Component |
CVE-2022-37985 |
Windows Graphics Component Information Disclosure Vulnerability |
Important |
| Microsoft Graphics Component |
CVE-2022-33635 |
Windows GDI+ Remote Code Execution Vulnerability |
Important |
| Microsoft Office |
CVE-2022-38001 |
Microsoft Office Spoofing Vulnerability |
Important |
| Microsoft Office |
CVE-2022-38048 |
Microsoft Office Remote Code Execution Vulnerability |
Critical |
| Microsoft Office |
CVE-2022-41043 |
Microsoft Office Information Disclosure Vulnerability |
Important |
| Microsoft Office SharePoint |
CVE-2022-38053 |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
Important |
| Microsoft Office SharePoint |
CVE-2022-41036 |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
Important |
| Microsoft Office SharePoint |
CVE-2022-41038 |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
Critical |
| Microsoft Office SharePoint |
CVE-2022-41037 |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
Important |
| Microsoft Office Word |
CVE-2022-41031 |
Microsoft Word Remote Code Execution Vulnerability |
Important |
| Microsoft Office Word |
CVE-2022-38049 |
Microsoft Office Graphics Remote Code Execution Vulnerability |
Important |
| Microsoft WDAC OLE DB provider for SQL |
CVE-2022-37982 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
Important |
| Microsoft WDAC OLE DB provider for SQL |
CVE-2022-38031 |
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
Important |
| NuGet Client |
CVE-2022-41032 |
NuGet Client Elevation of Privilege Vulnerability |
Important |
| Remote Access Service Point-to-Point Tunneling Protocol |
CVE-2022-37965 |
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability |
Important |
| Role: Windows Hyper-V |
CVE-2022-37979 |
Windows Hyper-V Elevation of Privilege Vulnerability |
Critical |
| Service Fabric |
CVE-2022-35829 |
Service Fabric Explorer Spoofing Vulnerability |
Important |
| Visual Studio Code |
CVE-2022-41042 |
Visual Studio Code Information Disclosure Vulnerability |
Important |
| Visual Studio Code |
CVE-2022-41034 |
Visual Studio Code Remote Code Execution Vulnerability |
Important |
| Visual Studio Code |
CVE-2022-41083 |
Visual Studio Code Elevation of Privilege Vulnerability |
Important |
| Windows Active Directory Certificate Services |
CVE-2022-37978 |
Windows Active Directory Certificate Services Security Feature Bypass |
Important |
| Windows Active Directory Certificate Services |
CVE-2022-37976 |
Active Directory Certificate Services Elevation of Privilege Vulnerability |
Critical |
| Windows ALPC |
CVE-2022-38029 |
Windows ALPC Elevation of Privilege Vulnerability |
Important |
| Windows CD-ROM Driver |
CVE-2022-38044 |
Windows CD-ROM File System Driver Remote Code Execution Vulnerability |
Important |
| Windows COM+ Event System Service |
CVE-2022-41033 |
Windows COM+ Event System Service Elevation of Privilege Vulnerability |
Important |
| Windows Connected User Experiences and Telemetry |
CVE-2022-38021 |
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability |
Important |
| Windows CryptoAPI |
CVE-2022-34689 |
Windows CryptoAPI Spoofing Vulnerability |
Critical |
| Windows Defender |
CVE-2022-37971 |
Microsoft Windows Defender Elevation of Privilege Vulnerability |
Important |
| Windows DHCP Client |
CVE-2022-38026 |
Windows DHCP Client Information Disclosure Vulnerability |
Important |
| Windows DHCP Client |
CVE-2022-37980 |
Windows DHCP Client Elevation of Privilege Vulnerability |
Important |
| Windows Distributed File System (DFS) |
CVE-2022-38025 |
Windows Distributed File System (DFS) Information Disclosure Vulnerability |
Important |
| Windows DWM Core Library |
CVE-2022-37970 |
Windows DWM Core Library Elevation of Privilege Vulnerability |
Important |
| Windows DWM Core Library |
CVE-2022-37983 |
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Important |
| Windows Event Logging Service |
CVE-2022-37981 |
Windows Event Logging Service Denial of Service Vulnerability |
Important |
| Windows Group Policy |
CVE-2022-37975 |
Windows Group Policy Elevation of Privilege Vulnerability |
Important |
| Windows Group Policy Preference Client |
CVE-2022-37994 |
Windows Group Policy Preference Client Elevation of Privilege Vulnerability |
Important |
| Windows Group Policy Preference Client |
CVE-2022-37993 |
Windows Group Policy Preference Client Elevation of Privilege Vulnerability |
Important |
| Windows Group Policy Preference Client |
CVE-2022-37999 |
Windows Group Policy Preference Client Elevation of Privilege Vulnerability |
Important |
| Windows Internet Key Exchange (IKE) Protocol |
CVE-2022-38036 |
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability |
Important |
| Windows Kernel |
CVE-2022-37988 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2022-38037 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2022-37990 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2022-38038 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2022-38039 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2022-37995 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2022-37991 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Kernel |
CVE-2022-38022 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
| Windows Local Security Authority (LSA) |
CVE-2022-38016 |
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability |
Important |
| Windows Local Security Authority Subsystem Service (LSASS) |
CVE-2022-37977 |
Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
Important |
| Windows Local Session Manager (LSM) |
CVE-2022-37973 |
Windows Local Session Manager (LSM) Denial of Service Vulnerability |
Important |
| Windows Local Session Manager (LSM) |
CVE-2022-37998 |
Windows Local Session Manager (LSM) Denial of Service Vulnerability |
Important |
| Windows NTFS |
CVE-2022-37996 |
Windows Kernel Memory Information Disclosure Vulnerability |
Important |
| Windows NTLM |
CVE-2022-35770 |
Windows NTLM Spoofing Vulnerability |
Important |
| Windows ODBC Driver |
CVE-2022-38040 |
Microsoft ODBC Driver Remote Code Execution Vulnerability |
Important |
| Windows Perception Simulation Service |
CVE-2022-37974 |
Windows Mixed Reality Developer Tools Information Disclosure Vulnerability |
Important |
| Windows Point-to-Point Tunneling Protocol |
CVE-2022-33634 |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
Critical |
| Windows Point-to-Point Tunneling Protocol |
CVE-2022-22035 |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
Critical |
| Windows Point-to-Point Tunneling Protocol |
CVE-2022-24504 |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
Critical |
| Windows Point-to-Point Tunneling Protocol |
CVE-2022-38047 |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
Critical |
| Windows Point-to-Point Tunneling Protocol |
CVE-2022-41081 |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
Critical |
| Windows Point-to-Point Tunneling Protocol |
CVE-2022-30198 |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
Critical |
| Windows Point-to-Point Tunneling Protocol |
CVE-2022-38000 |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
Critical |
| Windows Portable Device Enumerator Service |
CVE-2022-38032 |
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability |
Important |
| Windows Print Spooler Components |
CVE-2022-38028 |
Windows Print Spooler Elevation of Privilege Vulnerability |
Important |
| Windows Resilient File System (ReFS) |
CVE-2022-38003 |
Windows Resilient File System Elevation of Privilege |
Important |
| Windows Secure Channel |
CVE-2022-38041 |
Windows Secure Channel Denial of Service Vulnerability |
Important |
| Windows Security Support Provider Interface |
CVE-2022-38043 |
Windows Security Support Provider Interface Information Disclosure Vulnerability |
Important |
| Windows Server Remotely Accessible Registry Keys |
CVE-2022-38033 |
Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability |
Important |
| Windows Server Service |
CVE-2022-38045 |
Server Service Remote Protocol Elevation of Privilege Vulnerability |
Important |
| Windows Storage |
CVE-2022-38027 |
Windows Storage Elevation of Privilege Vulnerability |
Important |
| Windows TCP/IP |
CVE-2022-33645 |
Windows TCP/IP Driver Denial of Service Vulnerability |
Important |
| Windows USB Serial Driver |
CVE-2022-38030 |
Windows USB Serial Driver Information Disclosure Vulnerability |
Important |
| Windows Web Account Manager |
CVE-2022-38046 |
Web Account Manager Information Disclosure Vulnerability |
Important |
| Windows Win32K |
CVE-2022-38050 |
Win32k Elevation of Privilege Vulnerability |
Important |
| Windows WLAN Service |
CVE-2022-37984 |
Windows WLAN Service Elevation of Privilege Vulnerability |
Important |
| Windows Workstation Service |
CVE-2022-38034 |
Windows Workstation Service Elevation of Privilege Vulnerability |
Important |
Source: www.bleepingcomputer.com
