A vulnerability classified as critical has been found in Microsoft Windows (Operating System). This affects an unknown part of the component Certificate Handler. Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.
Microsoft Windows Certificate Privilege Escalation [CVE-2022-21836]
- Virtual Patching
- January 11, 2022
- 10:11 pm
CVE-2024-20381 : CISCO IOS XR JSON-RPC API IMPROPER AUTHORIZATION
Description A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco
CVE-2024-44466 : COMFAST CF-XR11 2.7.2 HTTP POST REQUEST /USR/BIN/WEBMGNT SUB_424CB4 IFACE COMMAND INJECTION
Description COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt
CVE-2024-45013 : LINUX KERNEL UP TO 6.10.6 NVME_UNINIT_CTRL USE AFTER FREE
Description In the Linux kernel, the following vulnerability has been resolved: nvme: move stopping keep-alive into nvme_uninit_ctrl() Commit 4733b65d82bd (“nvme: