Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2021-05-21 |
| Product | Windows 10 | Last view | 2022-08-15 |
| Version | 21h2 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_10 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.1 | 2022-08-15 | CVE-2022-35822 | Windows Defender Credential Guard Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-34709. |
| 7.8 | 2022-08-15 | CVE-2022-34711 | Windows Defender Credential Guard Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34705, CVE-2022-35771. |
| 6 | 2022-08-09 | CVE-2022-34709 | Windows Defender Credential Guard Security Feature Bypass Vulnerability. |
| 5.5 | 2022-08-09 | CVE-2022-34708 | Windows Kernel Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30197. |
| 7.8 | 2022-08-09 | CVE-2022-34707 | Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35761, CVE-2022-35768. |
| 7.8 | 2022-08-09 | CVE-2022-34706 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. |
| 7.8 | 2022-08-09 | CVE-2022-34705 | Windows Defender Credential Guard Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35771. |
| 5.5 | 2022-08-09 | CVE-2022-34704 | Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34710, CVE-2022-34712. |
| 7.8 | 2022-08-09 | CVE-2022-34703 | Windows Partition Management Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33670. |
| 8.1 | 2022-08-09 | CVE-2022-34702 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794. |
| 7.5 | 2022-08-09 | CVE-2022-34701 | Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability. |
| 7.8 | 2022-08-09 | CVE-2022-34699 | Windows Win32k Elevation of Privilege Vulnerability. |
| 7 | 2022-07-12 | CVE-2022-33644 | Xbox Live Save Service Elevation of Privilege Vulnerability. |
| 6.5 | 2022-06-15 | CVE-2022-30189 | Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability. |
| 7.8 | 2022-06-15 | CVE-2022-30166 | Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. |
| 8.8 | 2022-06-15 | CVE-2022-30165 | Windows Kerberos Elevation of Privilege Vulnerability. |
| 8.4 | 2022-06-15 | CVE-2022-30164 | Kerberos AppContainer Security Feature Bypass Vulnerability. |
| 5.5 | 2022-06-15 | CVE-2022-30162 | Windows Kernel Information Disclosure Vulnerability. |
| 8.8 | 2022-06-15 | CVE-2022-30161 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153. |
| 7.8 | 2022-06-15 | CVE-2022-30160 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. |
| 7.8 | 2022-06-15 | CVE-2022-30147 | Windows Installer Elevation of Privilege Vulnerability. |
| 7.5 | 2022-06-15 | CVE-2022-30142 | Windows File History Remote Code Execution Vulnerability. |
| 7.8 | 2022-06-15 | CVE-2022-30132 | Windows Container Manager Service Elevation of Privilege Vulnerability. |
| 7.5 | 2022-06-14 | CVE-2022-32230 | Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. |
| 7.8 | 2022-06-01 | CVE-2022-30190 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 67% (39) | CWE-269 | Improper Privilege Management |
| 24% (14) | CWE-362 | Race Condition |
| 1% (1) | CWE-668 | Exposure of Resource to Wrong Sphere |
| 1% (1) | CWE-476 | NULL Pointer Dereference |
| 1% (1) | CWE-319 | Cleartext Transmission of Sensitive Information |
| 1% (1) | CWE-295 | Certificate Issues |
| 1% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
