CVE CyberSecurity Database News

CVE-2022-35837 Windows Graphics Component Information Disclosure Vulnerability

Poster -

It was discovered that the Windows graphics component could improperly access computer memory. This vulnerability could allow an attacker to run malicious code on the affected system.

Affected Software: Windows 7/Server 2008 R2/Server 2012 Windows 8/Server 2012 Windows 10/Server 2016 Windows 7/Server 2008 R2/Server 2012 Windows 8/Server 2012 Windows 10/Server 2016 Windows 10 Version 1803 Windows 7/Server 2008 R2/Server 2012 Windows 8/Server 2012 Windows 10/Server 2016 Windows 10 Version 1709

CVE-2022-38008: Hyper-V Network Switch Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-34729.

It was discovered that the Hyper-V Network Switch component of Windows 10 could fail to handle packet validation and processing. This could allow an attacker to cause a denial of service via network traffic.

Affected Software: None Windows 10 Version 1803 Windows 10 Version 1709

CVE-2022-38009: Microsoft Exchange Server Elevated Privilege Vulnerability. This CVE ID is unique from CVE-2022-34730.

It was discovered that Microsoft Exchange Server did not sufficiently limit the privileges assigned to a process, thus allowing an attacker to gain elevated privileges.

Affected Software: Microsoft Exchange Server Microsoft Exchange Server on Windows 10 Microsoft Exchange Server on Windows 10 Version 1709

CVE-2022-38010: Microsoft Browser

Microsoft Browser Elevation of Privilege Vulnerability

It was discovered that Microsoft browsers do not sufficiently limit the privileges assigned to a process. This could allow an attacker to gain elevated privileges.
Affected Software: Microsoft Browser Software Microsoft Browser on Windows 10 Version 1709

Microsoft Browser Denial of Service Vulnerability

It was discovered that Microsoft Browser did not sufficiently check the privileges of a process, allowing an attacker to cause a denial of service.
Affected Software: Microsoft Browser
None

Timeline

Published on: 09/13/2022 19:15:00 UTC
Last modified on: 09/16/2022 17:58:00 UTC

References