January 2022 Security Updates Security Update secure@microsoft.com The Microsoft Security Response Center (MSRC) identifies, monitors, resolves, and responds to security incidents and Microsoft software security vulnerabilities. For more information, see http://www.microsoft.com/security/msrc. 2022-Jan 2022-Jan Final 1.0 42 2026-02-19T01:36:11 January 2022 Security Updates 2022-01-11T08:00:00 2026-02-19T01:36:11 <h2 id="updates-this-month">Updates this Month</h2> <p>This release consists of security updates for the following products, features and roles.</p> <ul> <li>.NET Framework</li> <li>Microsoft Dynamics</li> <li>Microsoft Edge (Chromium-based)</li> <li>Microsoft Exchange Server</li> <li>Microsoft Graphics Component</li> <li>Microsoft Office</li> <li>Microsoft Office Excel</li> <li>Microsoft Office SharePoint</li> <li>Microsoft Office Word</li> <li>Microsoft Teams</li> <li>Microsoft Windows Codecs Library</li> <li>Open Source Software</li> <li>Role: Windows Hyper-V</li> <li>Tablet Windows User Interface</li> <li>Windows Account Control</li> <li>Windows Active Directory</li> <li>Windows AppContracts API Server</li> <li>Windows Application Model</li> <li>Windows BackupKey Remote Protocol</li> <li>Windows Bind Filter Driver</li> <li>Windows Certificates</li> <li>Windows Cleanup Manager</li> <li>Windows Clipboard User Service</li> <li>Windows Cluster Port Driver</li> <li>Windows Common Log File System Driver</li> <li>Windows Connected Devices Platform Service</li> <li>Windows Cryptographic Services</li> <li>Windows Defender</li> <li>Windows Devices Human Interface</li> <li>Windows Diagnostic Hub</li> <li>Windows DirectX</li> <li>Windows DWM Core Library</li> <li>Windows Event Tracing</li> <li>Windows Geolocation Service</li> <li>Windows HTTP Protocol Stack</li> <li>Windows IKE Extension</li> <li>Windows Installer</li> <li>Windows Kerberos</li> <li>Windows Kernel</li> <li>Windows Libarchive</li> <li>Windows Local Security Authority</li> <li>Windows Local Security Authority Subsystem Service</li> <li>Windows Modern Execution Server</li> <li>Windows Push Notifications</li> <li>Windows RDP</li> <li>Windows Remote Access Connection Manager</li> <li>Windows Remote Desktop</li> <li>Windows Remote Procedure Call Runtime</li> <li>Windows Resilient File System (ReFS)</li> <li>Windows Secure Boot</li> <li>Windows Security Center</li> <li>Windows StateRepository API</li> <li>Windows Storage</li> <li>Windows Storage Spaces Controller</li> <li>Windows System Launcher</li> <li>Windows Task Flow Data Engine</li> <li>Windows Tile Data Repository</li> <li>Windows UEFI</li> <li>Windows UI Immersive Server</li> <li>Windows User Profile Service</li> <li>Windows User-mode Driver Framework</li> <li>Windows Virtual Machine IDE Drive</li> <li>Windows Win32K</li> <li>Windows Workstation Service Remote Protocol</li> </ul> <p>Please note the following information regarding the security updates:</p> <h2 id="security-update-guide-blog-posts">Security Update Guide Blog Posts</h2> <table> <thead> <tr> <th>Date</th> <th>Blog Post</th> </tr> </thead> <tbody> <tr> <td>January 11, 2022</td> <td><a href="https://aka.ms/SUGNotificationProfile">Coming Soon: A Brand-New Notification System!</a></td> </tr> <tr> <td>February 9, 2021</td> <td><a href="https://msrc-blog.microsoft.com/2021/02/09/continuing-to-listen-good-news-about-the-security-update-guide-api/">Continuing to Listen: Good News about the Security Update Guide API</a></td> </tr> <tr> <td>January 13, 2021</td> <td><a href="https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/">Security Update Guide Supports CVEs Assigned by Industry Partners</a></td> </tr> <tr> <td>December 8, 2020</td> <td><a href="https://msrc-blog.microsoft.com/2020/12/08/security-update-guide-lets-keep-the-conversation-going/">Security Update Guide: Let’s keep the conversation going</a></td> </tr> <tr> <td>November 9, 2020</td> <td><a href="https://msrc-blog.microsoft.com/2020/11/09/vulnerability-descriptions-in-the-new-version-of-the-security-update-guide/">Vulnerability Descriptions in the New Version of the Security Update Guide</a></td> </tr> </tbody> </table> <h2 id="relevant-information">Relevant Information</h2> <ul> <li>Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the <a href="https://www.catalog.update.microsoft.com/Home.aspx">Microsoft Update Catalog</a>. For information on lifecycle and support dates for Windows 10 operating systems, please see <a href="https://docs.microsoft.com/en-us/lifecycle/faq/windows">Windows Lifecycle Facts Sheet</a>.</li> <li>Microsoft is improving Windows Release Notes. For more information, please see <a href="https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-next-for-windows-release-notes/ba-p/1754399">What's next for Windows release notes</a>.</li> <li>A list of the latest servicing stack updates for each operating system can be found in <a href="https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV990001">ADV990001</a>. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.</li> <li>In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.</li> <li>Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See <a href="https://support.microsoft.com/en-us/topic/procedure-to-continue-receiving-security-updates-after-extended-support-ends-on-january-14-2020-48c59204-fe67-3f42-84fc-c3c3145ff28e">4522133</a> for more information.</li> </ul> <h2 id="faqs-mitigations-and-workarounds">FAQs, Mitigations, and Workarounds</h2> <p>The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting <strong>FAQs</strong>, <strong>Mitigations</strong> and <strong>Workarounds</strong> columns in the <strong>Edit Columns</strong> panel.</p> <ul> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-22947">CVE-2021-22947</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36976">CVE-2021-36976</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0096">CVE-2022-0096</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0097">CVE-2022-0097</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0098">CVE-2022-0098</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0099">CVE-2022-0099</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0100">CVE-2022-0100</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0101">CVE-2022-0101</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0102">CVE-2022-0102</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0103">CVE-2022-0103</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0104">CVE-2022-0104</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0105">CVE-2022-0105</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0106">CVE-2022-0106</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0107">CVE-2022-0107</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0108">CVE-2022-0108</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0109">CVE-2022-0109</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0110">CVE-2022-0110</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0111">CVE-2022-0111</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0112">CVE-2022-0112</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0113">CVE-2022-0113</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0114">CVE-2022-0114</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0115">CVE-2022-0115</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0116">CVE-2022-0116</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0117">CVE-2022-0117</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0118">CVE-2022-0118</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0120">CVE-2022-0120</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21836">CVE-2022-21836</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21837">CVE-2022-21837</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21838">CVE-2022-21838</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21840">CVE-2022-21840</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21841">CVE-2022-21841</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21842">CVE-2022-21842</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21843">CVE-2022-21843</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21846">CVE-2022-21846</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21848">CVE-2022-21848</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21849">CVE-2022-21849</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21850">CVE-2022-21850</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21851">CVE-2022-21851</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21855">CVE-2022-21855</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21857">CVE-2022-21857</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21876">CVE-2022-21876</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21877">CVE-2022-21877</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21880">CVE-2022-21880</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21882">CVE-2022-21882</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21883">CVE-2022-21883</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21887">CVE-2022-21887</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21889">CVE-2022-21889</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21890">CVE-2022-21890</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21892">CVE-2022-21892</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21893">CVE-2022-21893</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21900">CVE-2022-21900</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21901">CVE-2022-21901</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21904">CVE-2022-21904</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21905">CVE-2022-21905</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21907">CVE-2022-21907</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21912">CVE-2022-21912</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21914">CVE-2022-21914</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21915">CVE-2022-21915</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21917">CVE-2022-21917</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21920">CVE-2022-21920</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21922">CVE-2022-21922</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21928">CVE-2022-21928</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21929">CVE-2022-21929</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21930">CVE-2022-21930</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21931">CVE-2022-21931</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21954">CVE-2022-21954</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21958">CVE-2022-21958</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21959">CVE-2022-21959</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21960">CVE-2022-21960</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21961">CVE-2022-21961</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21962">CVE-2022-21962</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21963">CVE-2022-21963</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21964">CVE-2022-21964</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21969">CVE-2022-21969</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21970">CVE-2022-21970</a></li> <li><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22709">CVE-2022-22709</a></li> </ul> <h2 id="known-issues">Known Issues</h2> <p>You can see these in more detail from the Deployments tab by selecting <strong>Known Issues</strong> column in the <strong>Edit Columns</strong> panel.</p> <p>For more information about Windows Known Issues, please see <a href="https://docs.microsoft.com/en-us/windows/release-information/windows-message-center">Windows message center</a> (links to currently-supported versions of Windows are in the left pane).</p> <table> <thead> <tr> <th>KB Article</th> <th>Applies To</th> </tr> </thead> <tbody> <tr> <td><a href="https://support.microsoft.com/help/5002109">5002109</a></td> <td>SharePoint Server 2019 Core</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5002111">5002111</a></td> <td>SharePoint Server Subscription Edition Core</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5002113">5002113</a></td> <td>SharePoint Enterprise Server 2016</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5002127">5002127</a></td> <td>SharePoint Foundation 2013</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5008631">5008631</a></td> <td>Microsoft Exchange Server 2013, 2016, 2019</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009543">5009543</a></td> <td>Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009546">5009546</a></td> <td>Windows 10, version 1607, Windows Server 2016</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009555">5009555</a></td> <td>Windows Server 2022</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009557">5009557</a></td> <td>Windows Server 2019</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009566">5009566</a></td> <td>Windows 11</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009586">5009586</a></td> <td>Windows Server 2012 (Monthly Rollup)</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009595">5009595</a></td> <td>Windows 8.1, Windows Server 2012 R2 (Security-only update)</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009601">5009601</a></td> <td>Windows Server 2008 (Security-only update)</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009610">5009610</a></td> <td>Windows 7, Windows Server 2008 R2 (Monthly Rollup)</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009619">5009619</a></td> <td>Windows Server 2012 (Security-only update)</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009621">5009621</a></td> <td>Windows 7, Windows Server 2008 R2 (Security-only update)</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009624">5009624</a></td> <td>Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5009627">5009627</a></td> <td>Windows Server 2008 (Monthly Rollup)</td> </tr> </tbody> </table> The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows Server 2022 Windows Server 2022 (Server Core installation) Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 11 version 21H2 for x64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 HEVC Video Extensions Remote Desktop client for Windows Desktop Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows Server 2025 (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 for ARM64-based Systems Windows 11 Version 24H2 for x64-based Systems Windows Server 2025 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) Microsoft Visual Studio 2015 Update 3 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 20H2 (Server Core Installation) Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 20H2 for ARM64-based Systems Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for x64-based systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation) Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 20H2 for 32-bit Systems Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) Microsoft .NET Framework 4.8 on Windows RT 8.1 Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2012 R2 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1 Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 Microsoft .NET Framework 4.8 on Windows Server 2012 Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1 Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 Microsoft .NET Framework 4.8 on Windows Server 2016 Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systems Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft .NET Framework 4.6 on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft .NET Framework 4.6 on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft .NET Framework 3.5 on Windows 8.1 for 32-bit systems Microsoft .NET Framework 3.5 on Windows 8.1 for x64-based systems Microsoft .NET Framework 3.5 on Windows Server 2012 Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 3.5 on Windows Server 2012 R2 Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.5.2 on Windows 7 for 32-bit Systems Service Pack 1 Microsoft .NET Framework 4.5.2 on Windows 7 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.5.2 on Windows 8.1 for 32-bit systems Microsoft .NET Framework 4.5.2 on Windows 8.1 for x64-based systems Microsoft .NET Framework 4.5.2 on Windows RT 8.1 Microsoft .NET Framework 4.5.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft .NET Framework 4.5.2 on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft .NET Framework 4.5.2 on Windows Server 2012 Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 Microsoft .NET Framework 4.5.2 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H1 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H1 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H1 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for x64-based Systems Microsoft Edge (Chromium-based) Microsoft Edge for Android Microsoft Exchange Server 2016 Cumulative Update 22 Microsoft Exchange Server 2019 Cumulative Update 11 Microsoft Exchange Server 2013 Cumulative Update 23 Microsoft Exchange Server 2016 Cumulative Update 21 Microsoft Exchange Server 2019 Cumulative Update 10 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft SharePoint Server Subscription Edition Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office LTSC 2021 for 32-bit editions Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft Office Online Server SharePoint Server Subscription Edition Language Pack Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Office Web Apps Server 2013 Service Pack 1 Microsoft Dynamics 365 Customer Engagement V9.0 Dynamics 365 Sales CBL Mariner 2.0 x64 CBL Mariner 2.0 ARM CBL Mariner 1.0 x64 CBL Mariner 1.0 ARM Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows Server 2012 R2 Windows RT 8.1 Windows Server 2012 R2 (Server Core installation) Microsoft Visual Studio 2015 Update 3 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office Web Apps Server 2013 Service Pack 1 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft .NET Framework 4.5.2 on Windows 7 for 32-bit Systems Service Pack 1 Microsoft .NET Framework 4.5.2 on Windows 7 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.5.2 on Windows Server 2012 Microsoft .NET Framework 4.5.2 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.5.2 on Windows 8.1 for 32-bit systems Microsoft .NET Framework 4.5.2 on Windows 8.1 for x64-based systems Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 Microsoft .NET Framework 4.5.2 on Windows RT 8.1 Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 4.5.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft .NET Framework 4.5.2 on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft .NET Framework 4.6 on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft .NET Framework 4.6 on Windows Server 2008 for x64-based Systems Service Pack 2 Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Windows Server 2016 Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 (Server Core installation) Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for x64-based systems Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1 Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft SharePoint Server 2019 Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Microsoft Office Online Server Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1 Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft .NET Framework 4.8 on Windows Server 2012 Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems Microsoft .NET Framework 4.8 on Windows Server 2012 R2 Microsoft .NET Framework 4.8 on Windows RT 8.1 Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2016 Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) Microsoft Edge (Chromium-based) Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 20H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 20H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 20H2 (Server Core Installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H1 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H1 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H1 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation) Microsoft Exchange Server 2013 Cumulative Update 23 Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) HEVC Video Extensions Microsoft Edge for Android Remote Desktop client for Windows Desktop Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Microsoft Exchange Server 2016 Cumulative Update 21 Microsoft Exchange Server 2019 Cumulative Update 10 Windows Server 2022 Windows Server 2022 (Server Core installation) Windows 11 version 21H2 for x64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office LTSC 2021 for 32-bit editions Microsoft Dynamics 365 Customer Engagement V9.0 Microsoft Exchange Server 2016 Cumulative Update 22 Microsoft Exchange Server 2019 Cumulative Update 11 Dynamics 365 Sales Microsoft SharePoint Server Subscription Edition SharePoint Server Subscription Edition Language Pack Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems CBL Mariner 1.0 x64 CBL Mariner 1.0 ARM CBL Mariner 2.0 x64 CBL Mariner 2.0 ARM Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 for ARM64-based Systems Windows 11 Version 24H2 for x64-based Systems Windows Server 2025 Windows Server 2025 (Server Core installation) openjdk8-1.8.0.332-1.cm1.x86_64.rpm on CBL Mariner 1.0 x64 openjre8-1.8.0.332-1.cm1.x86_64.rpm on CBL Mariner 1.0 x64 openjdk8-sample-1.8.0.332-1.cm1.x86_64.rpm on CBL Mariner 1.0 x64 openjdk8-doc-1.8.0.332-1.cm1.x86_64.rpm on CBL Mariner 1.0 x64 openjdk8-src-1.8.0.332-1.cm1.x86_64.rpm on CBL Mariner 1.0 x64 openjdk8-debuginfo-1.8.0.332-1.cm1.x86_64.rpm on CBL Mariner 1.0 x64 openjdk8-1.8.0.332-1.cm1.aarch64.rpm on CBL Mariner 1.0 ARM openjre8-1.8.0.332-1.cm1.aarch64.rpm on CBL Mariner 1.0 ARM openjdk8-sample-1.8.0.332-1.cm1.aarch64.rpm on CBL Mariner 1.0 ARM openjdk8-doc-1.8.0.332-1.cm1.aarch64.rpm on CBL Mariner 1.0 ARM openjdk8-src-1.8.0.332-1.cm1.aarch64.rpm on CBL Mariner 1.0 ARM openjdk8-debuginfo-1.8.0.332-1.cm1.aarch64.rpm on CBL Mariner 1.0 ARM azl3 samba 4.18.3-1 on Azure Linux 3.0 azl3 python-tensorboard 2.16.2-2 on Azure Linux 3.0 cbl2 application-gateway-kubernetes-ingress 1.4.0-25 on CBL Mariner 2.0 cbl2 cri-o 1.21.7-2 on CBL Mariner 2.0 cbl2 moby-buildx 0.7.1-18 on CBL Mariner 2.0 azl3 pytorch 2.2.2-5 on Azure Linux 3.0 azl3 keda 2.14.0-1 on Azure Linux 3.0 azl3 moby-engine 25.0.3-1 on Azure Linux 3.0 azl3 edk2 20230301gitf80f052277c8-37 on Azure Linux 3.0 cm1 rust 1.59.0-1 on CBL Mariner 1.0 azl3 moby-engine 20.10.25-3 on Azure Linux 3.0 cm1 protobuf 3.14.0-1 on CBL Mariner 1.0 cbl2 kured 1.13.2-1 on CBL Mariner 2.0 cbl2 mysql 8.0.29-1 on CBL Mariner 2.0 cbl2 libtiff 4.3.0-2 on CBL Mariner 2.0 cbl2 qemu 6.2.0-2 on CBL Mariner 2.0 cbl2 vim 8.2.4743-1 on CBL Mariner 2.0 cbl2 golang 1.17.8-1 on CBL Mariner 2.0 cm1 kernel 5.10.102.1-1 on CBL Mariner 1.0 cbl2 kernel 5.15.26.1-1 on CBL Mariner 2.0 cm1 mariadb 10.3.34-1 on CBL Mariner 1.0 cbl2 mariadb 10.6.7-1 on CBL Mariner 2.0 cbl2 expat 2.4.8-1 on CBL Mariner 2.0 cm1 kernel 5.10.93.1-4 on CBL Mariner 1.0 cm1 vim 8.2.4281-1 on CBL Mariner 1.0 cbl2 vim 8.2.4233-1 on CBL Mariner 2.0 cbl2 rust 1.59.0-1 on CBL Mariner 2.0 cm1 expat 2.4.4-1 on CBL Mariner 1.0 cm1 vim 8.2.4151-1 on CBL Mariner 1.0 cm1 openjdk8 1.8.0.332-1 on CBL Mariner 1.0 cm1 mysql 8.0.28-1 on CBL Mariner 1.0 cbl2 mysql 8.0.28-1 on CBL Mariner 2.0 cm1 wpa_supplicant 2.10-1 on CBL Mariner 1.0 cbl2 wpa_supplicant 2.10-1 on CBL Mariner 2.0 cbl2 kernel 5.15.18.1-1 on CBL Mariner 2.0 cbl2 glibc 2.35-1 on CBL Mariner 2.0 cbl2 clamav 0.104.2-1 on CBL Mariner 2.0 cbl2 vim 8.2.4081-1 on CBL Mariner 2.0 cbl2 expat 2.4.3-1 on CBL Mariner 2.0 azl3 node-problem-detector 0.8.15-1 on Azure Linux 3.0 azl3 multus 4.0.2-1 on Azure Linux 3.0 azl3 prometheus-process-exporter 0.8.2-1 on Azure Linux 3.0 azl3 edk2 20240223gitedc6681206c1-2 on Azure Linux 3.0 cm1 polkit 0.116-6 on CBL Mariner 1.0 cm1 strongswan 5.7.2-5 on CBL Mariner 1.0 cbl2 strongswan 5.9.5-1 on CBL Mariner 2.0 cm1 openssl 1.1.1k-8 on CBL Mariner 1.0 cbl2 openssl 1.1.1k-13 on CBL Mariner 2.0 cm1 mariadb 10.3.32-1 on CBL Mariner 1.0 cbl2 polkit 0.119-2 on CBL Mariner 2.0 cm1 kernel 5.10.93.1-2 on CBL Mariner 1.0 cm1 kernel 5.10.93.1-1 on CBL Mariner 1.0 cm1 kernel 5.10.89.1-2 on CBL Mariner 1.0 cm1 expat 2.4.3-1 on CBL Mariner 1.0 cm1 golang 1.16.12-1 on CBL Mariner 1.0 cbl2 rook 1.6.2-19 on CBL Mariner 2.0 cbl2 prometheus-process-exporter 0.7.10-19 on CBL Mariner 2.0 cbl2 prometheus-node-exporter 1.3.1-24 on CBL Mariner 2.0 cbl2 nmi 1.8.11-2 on CBL Mariner 2.0 cbl2 local-path-provisioner 0.0.21-16 on CBL Mariner 2.0 cbl2 libcontainers-common 20210626-3 on CBL Mariner 2.0 cbl2 kube-vip-cloud-provider 0.0.2-16 on CBL Mariner 2.0 cbl2 keda 2.4.0-19 on CBL Mariner 2.0 cbl2 jx 3.2.236-16 on CBL Mariner 2.0 cbl2 flannel 0.14.0-21 on CBL Mariner 2.0 cbl2 csi-driver-lvm 0.4.1-15 on CBL Mariner 2.0 cbl2 cf-cli 8.4.0-16 on CBL Mariner 2.0 cbl2 application-gateway-kubernetes-ingress 1.4.0-19 on CBL Mariner 2.0 azl3 ntopng 5.2.1-5 on Azure Linux 3.0 azl3 memcached 1.6.27-3 on Azure Linux 3.0 azl3 pytorch 2.2.2-7 on Azure Linux 3.0 cbl2 xterm 372-1 on CBL Mariner 2.0 cbl2 ruby 3.1.2-2 on CBL Mariner 2.0 cbl2 jx 3.2.236-21 on CBL Mariner 2.0 azl3 python-tensorboard 2.11.0-3 on Azure Linux 3.0 cbl2 application-gateway-kubernetes-ingress 1.4.0-25 on CBL Mariner 2.0 cbl2 cri-o 1.22.3-14 on CBL Mariner 2.0 cbl2 moby-buildx 0.7.1-24 on CBL Mariner 2.0 cbl2 moby-cli 20.10.27-5 on CBL Mariner 2.0 cbl2 libcontainers-common 20210626-7 on CBL Mariner 2.0 cbl2 keda 2.4.0-29 on CBL Mariner 2.0 cbl2 kube-vip-cloud-provider 0.0.2-22 on CBL Mariner 2.0 cbl2 rook 1.6.2-26 on CBL Mariner 2.0 azl3 keda 2.4.0-15 on Azure Linux 3.0 cbl2 cf-cli 8.4.0-24 on CBL Mariner 2.0 azl3 multus 3.8-13 on Azure Linux 3.0 azl3 prometheus-process-exporter 0.7.10-15 on Azure Linux 3.0 cbl2 csi-driver-lvm 0.4.1-17 on CBL Mariner 2.0 cbl2 flannel 0.14.0-25 on CBL Mariner 2.0 cbl2 git-lfs 3.1.4-17 on CBL Mariner 2.0 cbl2 local-path-provisioner 0.0.21-18 on CBL Mariner 2.0 cbl2 nmi 1.8.7-15 on CBL Mariner 2.0 cbl2 node-problem-detector 0.8.10-20 on CBL Mariner 2.0 cbl2 prometheus-node-exporter 1.3.1-26 on CBL Mariner 2.0 cbl2 prometheus-process-exporter 0.7.10-21 on CBL Mariner 2.0 azl3 node-problem-detector 0.8.10-18 on Azure Linux 3.0 Microsoft .NET Framework 3.5 on Windows Server 2012 Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 3.5 on Windows 8.1 for 32-bit systems Microsoft .NET Framework 3.5 on Windows 8.1 for x64-based systems Microsoft .NET Framework 3.5 on Windows Server 2012 R2 Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Use After Free in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0156 Use After Free 18812-16823 18812-16823 Moderate 18812-16823 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 18812-16823 CBL-Mariner Releases 18812-16823 No Security Update 8.2.4081-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18812-16823 CBL-Mariner Releases 1.0 2022-01-14T00:00:00 <p>Information published.</p> Heap-based Buffer Overflow in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0158 Heap-based Buffer Overflow 18812-16823 18812-16823 Low 18812-16823 3.3 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 18812-16823 CBL-Mariner Releases 18812-16823 No Security Update 8.2.4081-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18812-16823 CBL-Mariner Releases 1.0 2022-01-14T00:00:00 <p>Information published.</p> Heap-based Buffer Overflow in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0318 Out-of-bounds Write 18803-16820 18800-16823 18803-16820 18800-16823 Critical 18803-16820 Critical 18800-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18803-16820 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18800-16823 CBL-Mariner Releases 18803-16820 No Security Update 8.2.4151-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18803-16820 CBL-Mariner Releases CBL-Mariner Releases 18800-16823 No Security Update 8.2.4233-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18800-16823 CBL-Mariner Releases 1.0 2022-01-28T00:00:00 <p>Information published.</p> Heap-based Buffer Overflow in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0359 Heap-based Buffer Overflow 18799-16820 18800-16823 18799-16820 18800-16823 Important 18799-16820 Important 18800-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18799-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18800-16823 CBL-Mariner Releases 18799-16820 No Security Update 8.2.4281-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18799-16820 CBL-Mariner Releases CBL-Mariner Releases 18800-16823 No Security Update 8.2.4233-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18800-16823 CBL-Mariner Releases 1.0 2022-02-03T00:00:00 <p>Information published.</p> Heap-based Buffer Overflow in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0361 Heap-based Buffer Overflow 18799-16820 18800-16823 18799-16820 18800-16823 Important 18799-16820 Important 18800-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18799-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18800-16823 CBL-Mariner Releases 18799-16820 No Security Update 8.2.4281-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18799-16820 CBL-Mariner Releases CBL-Mariner Releases 18800-16823 No Security Update 8.2.4233-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18800-16823 CBL-Mariner Releases 1.0 2022-02-03T00:00:00 <p>Information published.</p> Heap-based Buffer Overflow in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0392 Heap-based Buffer Overflow 18799-16820 18800-16823 18799-16820 18800-16823 Important 18799-16820 Important 18800-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18799-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18800-16823 CBL-Mariner Releases 18799-16820 No Security Update 8.2.4281-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18799-16820 CBL-Mariner Releases CBL-Mariner Releases 18800-16823 No Security Update 8.2.4233-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18800-16823 CBL-Mariner Releases 1.0 2022-02-03T00:00:00 <p>Information published.</p> Heap-based Buffer Overflow in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0407 Heap-based Buffer Overflow 18799-16820 18800-16823 18799-16820 18800-16823 Important 18799-16820 Important 18800-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18799-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18800-16823 CBL-Mariner Releases 18799-16820 No Security Update 8.2.4281-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18799-16820 CBL-Mariner Releases CBL-Mariner Releases 18800-16823 No Security Update 8.2.4233-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18800-16823 CBL-Mariner Releases 1.0 2022-02-05T00:00:00 <p>Information published.</p> Stack-based Buffer Overflow in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0408 Stack-based Buffer Overflow 18799-16820 18758-16823 18799-16820 18758-16823 Important 18799-16820 Important 18758-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18799-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18758-16823 CBL-Mariner Releases 18799-16820 No Security Update 8.2.4281-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18799-16820 CBL-Mariner Releases CBL-Mariner Releases 18758-16823 No Security Update 8.2.4743-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18758-16823 CBL-Mariner Releases 1.0 2022-02-05T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21245 18806-16823 18806-16823 Moderate 18806-16823 4.3 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of Oracle Java SE Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21248 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15634-12137 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15635-12137 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15636-12137 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15637-12137 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15638-12137 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15639-12137 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15640-12138 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15641-12138 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15642-12138 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15643-12138 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15644-12138 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 15645-12138 CBL-Mariner Releases 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21253 18806-16823 18806-16823 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-24T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21254 18806-16823 18806-16823 Moderate 18806-16823 5.3 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21264 18806-16823 18806-16823 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21265 18806-16823 18806-16823 Low 18806-16823 3.8 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21278 18806-16823 18806-16823 Important 18806-16823 7.1 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21279 18806-16823 18806-16823 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21280 18806-16823 18806-16823 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21285 18806-16823 18806-16823 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21286 18806-16823 18806-16823 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21287 18806-16823 18806-16823 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21290 18806-16823 18806-16823 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies da <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21294 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to the APIs. CVSS 3.1 <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21296 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21301 18806-16823 18806-16823 Moderate 18806-16823 5.5 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21302 18806-16823 18806-16823 Moderate 18806-16823 5.3 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of Oracle Java SE Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21305 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21307 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21308 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21312 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21311 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21315 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21316 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21317 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21320 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21321 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21322 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21325 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21326 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21327 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21330 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21331 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21332 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21335 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21336 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21337 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplie <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21341 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21342 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18805-16820 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21344 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18805-16820 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to the APIs. CVSS 3 <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21349 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21351 18805-16820 18806-16823 18805-16820 18806-16823 Important 18805-16820 Important 18806-16823 7.1 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 18805-16820 7.1 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21352 18806-16823 18806-16823 Moderate 18806-16823 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21357 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21356 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21358 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18805-16820 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21363 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.6 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 18805-16820 6.6 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21365 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21370 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18805-16820 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21372 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.7 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L 18805-16820 2.7 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21374 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18805-16820 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Race condition in std::fs::remove_dir_all in rustlang <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner GitHub_M Yes CVE-2022-21658 Time-of-check Time-of-use (TOCTOU) Race Condition 17941-16820 18801-16823 17941-16820 18801-16823 Moderate 17941-16820 Moderate 18801-16823 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H 17941-16820 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H 18801-16823 CBL-Mariner Releases 17941-16820 18801-16823 No Security Update 1.59.0-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17941-16820 18801-16823 CBL-Mariner Releases 1.0 2022-02-01T00:00:00 <p>Information published.</p> build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-22823 Integer Overflow or Wraparound 18813-16823 18813-16823 Critical 18813-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18813-16823 CBL-Mariner Releases 18813-16823 No Security Update 2.4.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18813-16823 CBL-Mariner Releases 1.0 2022-01-14T00:00:00 <p>Information published.</p> defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-22824 Integer Overflow or Wraparound 18813-16823 18813-16823 Critical 18813-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18813-16823 CBL-Mariner Releases 18813-16823 No Security Update 2.4.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18813-16823 CBL-Mariner Releases 1.0 2022-01-14T00:00:00 <p>Information published.</p> storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-22827 Integer Overflow or Wraparound 18813-16823 18813-16823 Important 18813-16823 8.8 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18813-16823 CBL-Mariner Releases 18813-16823 No Security Update 2.4.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18813-16823 CBL-Mariner Releases 1.0 2022-01-14T00:00:00 <p>Information published.</p> LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-22844 Out-of-bounds Read 18728-16823 18728-16823 Moderate 18728-16823 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 18728-16823 CBL-Mariner Releases 18728-16823 No Security Update 4.3.0-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18728-16823 CBL-Mariner Releases 1.0 2022-02-17T00:00:00 <p>Information published.</p> The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length which may result in a buffer overflow potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-23218 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 18810-16823 18810-16823 Critical 18810-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18810-16823 CBL-Mariner Releases 18810-16823 No Security Update 2.35-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18810-16823 CBL-Mariner Releases 1.0 2022-01-21T00:00:00 <p>Information published.</p> kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-23222 NULL Pointer Dereference 18809-16823 18809-16823 Important 18809-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 18809-16823 CBL-Mariner Releases 18809-16823 No Security Update 5.15.18.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18809-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-23303 Observable Discrepancy 18807-16820 18808-16823 18807-16820 18808-16823 Critical 18807-16820 Critical 18808-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18807-16820 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18808-16823 CBL-Mariner Releases 18807-16820 18808-16823 No Security Update 2.10-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18807-16820 18808-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-23304 Observable Discrepancy 18807-16820 18808-16823 18807-16820 18808-16823 Critical 18807-16820 Critical 18808-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18807-16820 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18808-16823 CBL-Mariner Releases 18807-16820 18808-16823 No Security Update 2.10-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18807-16820 18808-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer for configurations with a nonzero XML_CONTEXT_BYTES. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-23852 Integer Overflow or Wraparound 18802-16820 18788-16823 18802-16820 18788-16823 Critical 18802-16820 Critical 18788-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18802-16820 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18788-16823 CBL-Mariner Releases 18802-16820 No Security Update 2.4.4-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18802-16820 CBL-Mariner Releases CBL-Mariner Releases 18788-16823 No Security Update 2.4.8-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18788-16823 CBL-Mariner Releases 1.0 2022-01-28T00:00:00 <p>Information published.</p> kernel/ucount.c in the Linux kernel 5.14 through 5.16.4 when unprivileged user namespaces are enabled allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-24122 Use After Free 18781-16823 18781-16823 Important 18781-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 18781-16823 CBL-Mariner Releases 18781-16823 No Security Update 5.15.26.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18781-16823 CBL-Mariner Releases 1.0 2022-02-05T00:00:00 <p>Information published.</p> xterm through Patch 370 when Sixel support is enabled allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-24130 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 19475-16823 19475-16823 Moderate 19475-16823 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 19475-16823 CBL-Mariner Releases 19475-16823 No Security Update 372-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19475-16823 CBL-Mariner Releases 1.0 2022-02-05T00:00:00 <p>Information published.</p> Double Free in net/packet/af_packet.c leading to priviledge escalation <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner Google Yes CVE-2021-22600 Double Free 18809-16823 18809-16823 Important 18809-16823 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 18809-16823 CBL-Mariner Releases 18809-16823 No Security Update 5.15.18.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18809-16823 CBL-Mariner Releases 1.0 2022-02-05T00:00:00 <p>Information published.</p> Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot which may be the case when using GSO XDP or software hashing. (CVE-2021-28714) <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner XEN Yes CVE-2021-28714 Allocation of Resources Without Limits or Throttling 18909-16820 18909-16820 Moderate 18909-16820 6.5 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H 18909-16820 CBL-Mariner Releases 18909-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18909-16820 CBL-Mariner Releases 1.0 2022-01-19T00:00:00 <p>Information published.</p> A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction which allows an attacker with special user privilege to cause a denial of service. This flaw affects kernel versions prior to 5.15 rc7. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner redhat Yes CVE-2021-4032 Incomplete Cleanup 18780-16820 18780-16820 Moderate 18780-16820 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18780-16820 CBL-Mariner Releases 18780-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18780-16820 CBL-Mariner Releases 1.0 2022-01-29T00:00:00 <p>Information published.</p> A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner redhat Yes CVE-2021-4145 NULL Pointer Dereference 18757-16823 18757-16823 Moderate 18757-16823 6.5 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H 18757-16823 CBL-Mariner Releases 18757-16823 No Security Update 6.2.0-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18757-16823 CBL-Mariner Releases 1.0 2023-03-10T00:00:00 <p>Information published.</p> CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-41819 Reliance on Cookies without Validation and Integrity Checking 19482-16823 19482-16823 Important 19482-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 19482-16823 CBL-Mariner Releases 19482-16823 No Security Update 3.1.2-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19482-16823 CBL-Mariner Releases 1.0 2022-01-13T00:00:00 <p>Information published.</p> All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled or the share also available via NFS in order for this attack to succeed. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-43566 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 16864-17084 16864-17084 Low 16864-17084 2.5 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 16864-17084 CBL-Mariner Releases 16864-17084 No Security Update 4.18.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 16864-17084 CBL-Mariner Releases 1.0 2024-10-15T00:00:00 <p>Information published.</p> net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-44716 Uncontrolled Resource Consumption 18911-16820 17367-16823 18912-16823 18913-16823 18914-16823 18916-16823 17451-16823 18918-16823 18919-16823 18920-16823 18921-16823 18922-16823 18924-16823 18925-16823 18926-16823 18927-16823 18624-16823 18772-16823 18829-17084 18822-17084 18823-17084 17814-17084 17761-17084 19713-17086 19977-17086 20290-17086 19694-17086 19792-17086 19784-17086 19790-17086 20299-17086 20300-17086 20301-17086 19877-17084 17964-17084 20307-17084 19777-17086 17197-17086 20288-17086 20289-17086 19836-17086 19840-17086 20293-17086 20297-17086 19854-17086 20086-17084 20089-17084 18911-16820 17367-16823 18912-16823 18913-16823 18914-16823 18916-16823 17451-16823 18918-16823 18919-16823 18920-16823 18921-16823 18922-16823 18924-16823 18925-16823 18926-16823 18927-16823 18624-16823 18772-16823 18829-17084 18822-17084 18823-17084 17814-17084 17761-17084 19713-17086 19977-17086 20290-17086 19694-17086 19792-17086 19784-17086 19790-17086 20299-17086 20300-17086 20301-17086 19877-17084 17964-17084 20307-17084 19777-17086 17197-17086 20288-17086 20289-17086 19836-17086 19840-17086 20293-17086 20297-17086 19854-17086 20086-17084 20089-17084 Important 18911-16820 Important 17367-16823 Important 18912-16823 Important 18913-16823 Important 18914-16823 Important 18916-16823 Important 17451-16823 Important 18918-16823 Important 18919-16823 Important 18920-16823 Important 18921-16823 Important 18922-16823 Important 18924-16823 Important 18925-16823 Important 18926-16823 Important 18927-16823 Important 18624-16823 Important 18772-16823 Important 18829-17084 Important 18822-17084 Important 18823-17084 Important 17814-17084 Important 17761-17084 19713-17086 Important 19977-17086 Important 20290-17086 Important 19694-17086 Important 19792-17086 Important 19784-17086 Important 19790-17086 Important 20299-17086 Important 20300-17086 Important 20301-17086 Important 19877-17084 Important 17964-17084 Important 20307-17084 Important 19777-17086 Important 17197-17086 Important 20288-17086 Important 20289-17086 Important 19836-17086 Important 19840-17086 Important 20293-17086 Important 20297-17086 Important 19854-17086 Important 20086-17084 Important 20089-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18911-16820 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 17367-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18912-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18913-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18914-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18916-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 17451-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18918-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18919-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18920-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18921-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18922-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18924-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18925-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18926-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18927-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18624-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18772-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18829-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18822-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18823-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 17814-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 17761-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19713-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19977-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20290-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19694-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19792-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19784-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19790-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20299-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20300-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20301-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19877-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 17964-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20307-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19777-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 17197-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20288-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20289-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19836-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19840-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20293-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20297-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19854-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20086-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20089-17084 CBL-Mariner Releases 18911-16820 No Security Update 1.16.12-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18911-16820 CBL-Mariner Releases CBL-Mariner Releases 17367-16823 19777-17086 No Security Update 1.21.7-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17367-16823 19777-17086 CBL-Mariner Releases CBL-Mariner Releases 18912-16823 19854-17086 No Security Update 1.6.2-19 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18912-16823 19854-17086 CBL-Mariner Releases CBL-Mariner Releases 18913-16823 20301-17086 No Security Update 0.7.10-19 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18913-16823 20301-17086 CBL-Mariner Releases CBL-Mariner Releases 18914-16823 20300-17086 No Security Update 1.3.1-24 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18914-16823 20300-17086 CBL-Mariner Releases CBL-Mariner Releases 18916-16823 20297-17086 No Security Update 1.8.11-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18916-16823 20297-17086 CBL-Mariner Releases CBL-Mariner Releases 17451-16823 19784-17086 No Security Update 0.7.1-18 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17451-16823 19784-17086 CBL-Mariner Releases CBL-Mariner Releases 18918-16823 20293-17086 No Security Update 0.0.21-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18918-16823 20293-17086 CBL-Mariner Releases CBL-Mariner Releases 18919-16823 19792-17086 No Security Update 20210626-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18919-16823 19792-17086 CBL-Mariner Releases CBL-Mariner Releases 18920-16823 19840-17086 No Security Update 0.0.2-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18920-16823 19840-17086 CBL-Mariner Releases CBL-Mariner Releases 18921-16823 19836-17086 No Security Update 2.4.0-19 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18921-16823 19836-17086 CBL-Mariner Releases CBL-Mariner Releases 18922-16823 19694-17086 No Security Update 3.2.236-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18922-16823 19694-17086 CBL-Mariner Releases CBL-Mariner Releases 18924-16823 20289-17086 No Security Update 0.14.0-21 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18924-16823 20289-17086 CBL-Mariner Releases CBL-Mariner Releases 18925-16823 20288-17086 No Security Update 0.4.1-15 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18925-16823 20288-17086 CBL-Mariner Releases CBL-Mariner Releases 18926-16823 19977-17086 No Security Update 8.4.0-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18926-16823 19977-17086 CBL-Mariner Releases CBL-Mariner Releases 18927-16823 19713-17086 17197-17086 No Security Update 1.4.0-19 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18927-16823 19713-17086 17197-17086 CBL-Mariner Releases CBL-Mariner Releases 18624-16823 No Security Update 1.13.2-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18624-16823 CBL-Mariner Releases CBL-Mariner Releases 18772-16823 No Security Update 1.17.8-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18772-16823 CBL-Mariner Releases CBL-Mariner Releases 18829-17084 20089-17084 No Security Update 0.8.2-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18829-17084 20089-17084 CBL-Mariner Releases CBL-Mariner Releases 18822-17084 20307-17084 No Security Update 0.8.15-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18822-17084 20307-17084 CBL-Mariner Releases CBL-Mariner Releases 18823-17084 20086-17084 No Security Update 4.0.2-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18823-17084 20086-17084 CBL-Mariner Releases CBL-Mariner Releases 17814-17084 17964-17084 No Security Update 25.0.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17814-17084 17964-17084 CBL-Mariner Releases CBL-Mariner Releases 17761-17084 19877-17084 No Security Update 2.14.0-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17761-17084 19877-17084 CBL-Mariner Releases CBL-Mariner Releases 20290-17086 No Security Update 3.1.4-17 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20290-17086 CBL-Mariner Releases CBL-Mariner Releases 19790-17086 No Security Update 20.10.27-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19790-17086 CBL-Mariner Releases CBL-Mariner Releases 20299-17086 No Security Update 0.8.10-20 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20299-17086 CBL-Mariner Releases 3.0 2026-02-18T03:14:25 <p>Information published.</p> 1.0 2022-01-13T00:00:00 <p>Information published.</p> 1.1 2023-11-08T00:00:00 <p>Added kured to CBL-Mariner 2.0</p> 1.2 2024-01-24T00:00:00 <p>Added flannel to CBL-Mariner 2.0 Added kube-vip-cloud-provider to CBL-Mariner 2.0 Added libcontainers-common to CBL-Mariner 2.0 Added local-path-provisioner to CBL-Mariner 2.0</p> 1.3 2024-04-11T00:00:00 <p>Added cri-o to CBL-Mariner 2.0</p> 1.4 2024-06-30T07:00:00 <p>Information published.</p> 1.5 2024-08-29T00:00:00 <p>Information published.</p> 1.6 2024-08-30T00:00:00 <p>Information published.</p> 1.7 2024-08-31T00:00:00 <p>Information published.</p> 1.8 2024-09-01T00:00:00 <p>Information published.</p> 1.9 2024-09-02T00:00:00 <p>Information published.</p> 2.0 2024-09-03T00:00:00 <p>Information published.</p> 2.1 2024-09-05T00:00:00 <p>Information published.</p> 2.2 2024-09-06T00:00:00 <p>Information published.</p> 2.3 2024-09-07T00:00:00 <p>Information published.</p> 2.4 2024-09-08T00:00:00 <p>Information published.</p> 2.5 2024-09-11T00:00:00 <p>Information published.</p> In Expat (aka libexpat) before 2.4.3 a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g. allocating too few bytes or only freeing memory). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-45960 Incorrect Calculation 18910-16820 18813-16823 18910-16820 18813-16823 Important 18910-16820 Important 18813-16823 8.8 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 18910-16820 8.8 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 18813-16823 CBL-Mariner Releases 18910-16820 18813-16823 No Security Update 2.4.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18910-16820 18813-16823 CBL-Mariner Releases 1.0 2022-01-13T00:00:00 <p>Information published.</p> nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-46283 Improper Initialization 18908-16820 18908-16820 Moderate 18908-16820 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18908-16820 CBL-Mariner Releases 18908-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18908-16820 CBL-Mariner Releases 1.0 2022-01-21T00:00:00 <p>Information published.</p> get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-46657 18905-16820 18786-16823 18905-16820 18786-16823 Moderate 18905-16820 Moderate 18786-16823 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18905-16820 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18786-16823 CBL-Mariner Releases 18905-16820 No Security Update 10.3.32-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18905-16820 CBL-Mariner Releases CBL-Mariner Releases 18786-16823 No Security Update 10.6.7-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18786-16823 CBL-Mariner Releases 1.0 2022-02-05T00:00:00 <p>Information published.</p> MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-46659 18785-16820 18786-16823 18785-16820 18786-16823 Moderate 18785-16820 Moderate 18786-16823 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18785-16820 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18786-16823 CBL-Mariner Releases 18785-16820 No Security Update 10.3.34-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18785-16820 CBL-Mariner Releases CBL-Mariner Releases 18786-16823 No Security Update 10.6.7-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18786-16823 CBL-Mariner Releases 1.0 2022-02-05T00:00:00 <p>Information published.</p> Out-of-bounds Read in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0128 Out-of-bounds Read 18812-16823 18812-16823 Important 18812-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18812-16823 CBL-Mariner Releases 18812-16823 No Security Update 8.2.4081-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18812-16823 CBL-Mariner Releases 1.0 2022-01-13T00:00:00 <p>Information published.</p> Heap-based Buffer Overflow in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0261 Out-of-bounds Write 18803-16820 18800-16823 18803-16820 18800-16823 Important 18803-16820 Important 18800-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18803-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18800-16823 CBL-Mariner Releases 18803-16820 No Security Update 8.2.4151-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18803-16820 CBL-Mariner Releases CBL-Mariner Releases 18800-16823 No Security Update 8.2.4233-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18800-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Out-of-bounds Read in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0368 Out-of-bounds Read 18799-16820 18800-16823 18799-16820 18800-16823 Important 18799-16820 Important 18800-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18799-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18800-16823 CBL-Mariner Releases 18799-16820 No Security Update 8.2.4281-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18799-16820 CBL-Mariner Releases CBL-Mariner Releases 18800-16823 No Security Update 8.2.4233-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18800-16823 CBL-Mariner Releases 1.0 2022-02-03T00:00:00 <p>Information published.</p> Out-of-bounds Read in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0393 Out-of-bounds Read 18799-16820 18800-16823 18799-16820 18800-16823 Important 18799-16820 Important 18800-16823 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 18799-16820 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 18800-16823 CBL-Mariner Releases 18799-16820 No Security Update 8.2.4281-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18799-16820 CBL-Mariner Releases CBL-Mariner Releases 18800-16823 No Security Update 8.2.4233-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18800-16823 CBL-Mariner Releases 1.0 2022-02-03T00:00:00 <p>Information published.</p> Use After Free in vim/vim <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner @huntrdev Yes CVE-2022-0413 Use After Free 18799-16820 18758-16823 18799-16820 18758-16823 Important 18799-16820 Important 18758-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18799-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18758-16823 CBL-Mariner Releases 18799-16820 No Security Update 8.2.4281-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18799-16820 CBL-Mariner Releases CBL-Mariner Releases 18758-16823 No Security Update 8.2.4743-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18758-16823 CBL-Mariner Releases 1.0 2022-02-05T00:00:00 <p>Information published.</p> Clam AntiVirus (ClamAV) Denial of Service Vulnerability <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner cisco Yes CVE-2022-20698 Out-of-bounds Read 18811-16823 18811-16823 Important 18811-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18811-16823 CBL-Mariner Releases 18811-16823 No Security Update 0.104.2-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18811-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21249 18806-16823 18806-16823 Low 18806-16823 2.7 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-24T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21256 18806-16823 18806-16823 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-24T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21270 18806-16823 18806-16823 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to t <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21271 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15634-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15635-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15636-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15637-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15638-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15639-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15640-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15641-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15642-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15643-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15644-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 15645-12138 CBL-Mariner Releases 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to the APIs. CVSS 3.1 <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21282 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15634-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15635-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15636-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15637-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15638-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15639-12137 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15640-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15641-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15642-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15643-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15644-12138 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 15645-12138 CBL-Mariner Releases 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 15634-12137 15635-12137 15636-12137 15637-12137 15638-12137 15639-12137 15640-12138 15641-12138 15642-12138 15643-12138 15644-12138 15645-12138 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21284 18806-16823 18806-16823 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21288 18806-16823 18806-16823 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21289 18806-16823 18806-16823 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of Oracle Java SE Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21291 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies da <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21293 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21297 18806-16823 18806-16823 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21299 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21303 18806-16823 18806-16823 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21304 18806-16823 18806-16823 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18806-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21309 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21310 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21313 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21314 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21318 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21319 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21323 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21324 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21328 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21329 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21333 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21334 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18805-16820 6.3 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21339 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18805-16820 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies da <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21340 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21348 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18805-16820 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21355 18805-16820 18806-16823 18805-16820 18806-16823 Low 18805-16820 Low 18806-16823 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18805-16820 2.9 2.9 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21360 18804-16820 18804-16820 Moderate 18804-16820 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 18804-16820 CBL-Mariner Releases 18804-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18804-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21362 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18805-16820 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21367 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 5.5 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H 18805-16820 5.5 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.7 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21368 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 4.7 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 18805-16820 4.7 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner oracle Yes CVE-2022-21378 18805-16820 18806-16823 18805-16820 18806-16823 Moderate 18805-16820 Moderate 18806-16823 5.5 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H 18805-16820 5.5 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H 18806-16823 CBL-Mariner Releases 18805-16820 18806-16823 No Security Update 8.0.28-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18805-16820 18806-16823 CBL-Mariner Releases 1.0 2022-01-25T00:00:00 <p>Information published.</p> addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-22822 Integer Overflow or Wraparound 18813-16823 18813-16823 Critical 18813-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18813-16823 CBL-Mariner Releases 18813-16823 No Security Update 2.4.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18813-16823 CBL-Mariner Releases 1.0 2022-01-14T00:00:00 <p>Information published.</p> lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-22825 Integer Overflow or Wraparound 18813-16823 18813-16823 Important 18813-16823 8.8 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18813-16823 CBL-Mariner Releases 18813-16823 No Security Update 2.4.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18813-16823 CBL-Mariner Releases 1.0 2022-01-14T00:00:00 <p>Information published.</p> nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-22826 Integer Overflow or Wraparound 18813-16823 18813-16823 Important 18813-16823 8.8 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18813-16823 CBL-Mariner Releases 18813-16823 No Security Update 2.4.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18813-16823 CBL-Mariner Releases 1.0 2022-01-14T00:00:00 <p>Information published.</p> The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length which may result in a buffer overflow potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-23219 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 18810-16823 18810-16823 Critical 18810-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18810-16823 CBL-Mariner Releases 18810-16823 No Security Update 2.35-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18810-16823 CBL-Mariner Releases 1.0 2022-01-22T00:00:00 <p>Information published.</p> Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2022-23990 Integer Overflow or Wraparound 18802-16820 18788-16823 18802-16820 18788-16823 Important 18802-16820 Important 18788-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18802-16820 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18788-16823 CBL-Mariner Releases 18802-16820 No Security Update 2.4.4-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18802-16820 CBL-Mariner Releases CBL-Mariner Releases 18788-16823 No Security Update 2.4.8-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18788-16823 CBL-Mariner Releases 1.0 2022-02-01T00:00:00 <p>Information published.</p> Denial of Service of protobuf-java parsing procedure <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner Google Yes CVE-2021-22569 Incorrect Behavior Order 17021-17084 17466-17084 19407-17084 19696-17084 17021-17084 17466-17084 19407-17084 19696-17084 Moderate 17021-17084 Moderate 17466-17084 Moderate 19407-17084 Moderate 19696-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 17021-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 17466-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 19407-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 19696-17084 CBL-Mariner Releases 17021-17084 19696-17084 No Security Update 2.16.2-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17021-17084 19696-17084 CBL-Mariner Releases CBL-Mariner Releases 17466-17084 19407-17084 No Security Update 2.2.2-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17466-17084 19407-17084 CBL-Mariner Releases 1.0 2024-09-11T00:00:00 <p>Information published.</p> 1.1 2025-04-01T00:00:00 <p>Added pytorch to Azure Linux 3.0 Added python-tensorboard to Azure Linux 3.0</p> 1.2 2026-02-19T01:36:11 <p>Information published.</p> Nullptr Dereference in Protobuf <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner Google Yes CVE-2021-22570 NULL Pointer Dereference 18464-16820 18714-16823 18464-16820 18714-16823 Moderate 18464-16820 Moderate 18714-16823 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18464-16820 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18714-16823 CBL-Mariner Releases 18464-16820 No Security Update 3.14.0-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18464-16820 CBL-Mariner Releases CBL-Mariner Releases 18714-16823 No Security Update 8.0.29-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18714-16823 CBL-Mariner Releases 1.0 2022-06-05T00:00:00 <p>Information published.</p> Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot which may be the case when using GSO XDP or software hashing. (CVE-2021-28714) <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner XEN Yes CVE-2021-28715 Allocation of Resources Without Limits or Throttling 18909-16820 18909-16820 Moderate 18909-16820 6.5 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H 18909-16820 CBL-Mariner Releases 18909-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18909-16820 CBL-Mariner Releases 1.0 2022-01-19T00:00:00 <p>Information published.</p> A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner redhat Yes CVE-2021-4001 Time-of-check Time-of-use (TOCTOU) Race Condition 18790-16820 18790-16820 Moderate 18790-16820 4.1 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N 18790-16820 CBL-Mariner Releases 18790-16820 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18790-16820 CBL-Mariner Releases 1.0 2022-01-29T00:00:00 <p>Information published.</p> A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner redhat Yes CVE-2021-4034 Out-of-bounds Read 18898-16820 18906-16823 18898-16820 18906-16823 Important 18898-16820 Important 18906-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 18898-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 18906-16823 CBL-Mariner Releases 18898-16820 No Security Update 0.116-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18898-16820 CBL-Mariner Releases CBL-Mariner Releases 18906-16823 No Security Update 0.119-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18906-16823 CBL-Mariner Releases 1.0 2022-01-30T08:00:00 <p>Information published.</p> A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner redhat Yes CVE-2021-4083 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 18907-16820 18907-16820 Important 18907-16820 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 18907-16820 CBL-Mariner Releases 18907-16820 No Security Update 5.10.93.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18907-16820 CBL-Mariner Releases 1.0 2022-01-26T00:00:00 <p>Information published.</p> BN_mod_exp may produce incorrect results on MIPS <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner openssl Yes CVE-2021-4160 18903-16820 18904-16823 18830-17084 17859-17084 18903-16820 18904-16823 18830-17084 17859-17084 Moderate 18903-16820 Moderate 18904-16823 Moderate 18830-17084 Moderate 17859-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 18903-16820 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 18904-16823 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 18830-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 17859-17084 CBL-Mariner Releases 18903-16820 18904-16823 No Security Update - https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18903-16820 18904-16823 CBL-Mariner Releases CBL-Mariner Releases 18830-17084 17859-17084 No Security Update 20240223gitedc6681206c1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18830-17084 17859-17084 CBL-Mariner Releases 1.0 2022-02-08T00:00:00 <p>Information published.</p> 1.1 2024-08-29T00:00:00 <p>Information published.</p> 1.2 2024-08-30T00:00:00 <p>Information published.</p> 1.3 2024-08-31T00:00:00 <p>Information published.</p> 1.4 2024-09-01T00:00:00 <p>Information published.</p> 1.5 2024-09-02T00:00:00 <p>Information published.</p> 1.6 2024-09-03T00:00:00 <p>Information published.</p> 1.7 2024-09-05T00:00:00 <p>Information published.</p> 1.8 2024-09-06T00:00:00 <p>Information published.</p> 1.9 2024-09-07T00:00:00 <p>Information published.</p> 2.0 2024-09-08T00:00:00 <p>Information published.</p> 2.1 2024-09-11T00:00:00 <p>Information published.</p> 2.2 2026-02-18T02:24:18 <p>Information published.</p> Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1 3.1.2 3.0.2 and 2.0.1. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-41817 Inefficient Regular Expression Complexity 19482-16823 19482-16823 Important 19482-16823 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19482-16823 CBL-Mariner Releases 19482-16823 No Security Update 3.1.2-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19482-16823 CBL-Mariner Releases 1.0 2022-01-12T00:00:00 <p>Information published.</p> Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-44647 Access of Resource Using Incompatible Type ('Type Confusion') 19082-17084 19084-17084 19082-17084 19084-17084 Moderate 19082-17084 Moderate 19084-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 19082-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 19084-17084 CBL-Mariner Releases 19082-17084 No Security Update 5.2.1-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19082-17084 CBL-Mariner Releases CBL-Mariner Releases 19084-17084 No Security Update 1.6.27-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19084-17084 CBL-Mariner Releases 1.0 2022-04-14T00:00:00 <p>Information published.</p> 1.1 2025-02-20T00:00:00 <p>Added ntopng to Azure Linux 3.0 Added lua to CBL-Mariner 2.0</p> 1.2 2025-04-12T00:00:00 <p>Added memcached to Azure Linux 3.0 Added ntopng to Azure Linux 3.0 Added lua to CBL-Mariner 2.0</p> In strongSwan before 5.9.5 a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-45079 NULL Pointer Dereference 18901-16820 18902-16823 18901-16820 18902-16823 Critical 18901-16820 Critical 18902-16823 9.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 18901-16820 9.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 18902-16823 CBL-Mariner Releases 18901-16820 No Security Update 5.7.2-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18901-16820 CBL-Mariner Releases CBL-Mariner Releases 18902-16823 No Security Update 5.9.5-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18902-16823 CBL-Mariner Releases 1.0 2022-02-08T00:00:00 <p>Information published.</p> In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3 an integer overflow exists for m_groupSize. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-46143 Integer Overflow or Wraparound 18910-16820 18813-16823 18910-16820 18813-16823 Important 18910-16820 Important 18813-16823 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18910-16820 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 18813-16823 CBL-Mariner Releases 18910-16820 18813-16823 No Security Update 2.4.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18910-16820 18813-16823 CBL-Mariner Releases 1.0 2022-01-14T00:00:00 <p>Information published.</p> save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery. <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner mitre Yes CVE-2021-46658 18905-16820 18786-16823 18905-16820 18786-16823 Moderate 18905-16820 Moderate 18786-16823 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18905-16820 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 18786-16823 CBL-Mariner Releases 18905-16820 No Security Update 10.3.32-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18905-16820 CBL-Mariner Releases CBL-Mariner Releases 18786-16823 No Security Update 10.6.7-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18786-16823 CBL-Mariner Releases 1.0 2022-02-05T00:00:00 <p>Information published.</p> Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Microsoft Yes CVE-2022-21852 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 <a href="https://twitter.com/hillstone_lab">He YiSheng, Zhang WangJunJie, and Li WenYue</a> with <a href="https://www.hillstonenet.com.cn/">Hillstone Network Security Research Institute</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Open Source Curl Remote Code Execution Vulnerability <p><strong>Why is this a Hacker One CVE?</strong></p> <p>This CVE is regarding a vulnerability in the curl open source library which is used by Windows. The January 2022 Windows Security Updates includes the most recent version of this library which addresses the vulnerability and others. Please see <a href="https://curl.se/docs/security.html">curl security problems</a> for information on all of the vulnerabilities that have been addressed.</p> Open Source Software HackerOne Yes CVE-2021-22947 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Critical 11568 Critical 11569 Critical 11570 Critical 11571 Critical 11572 Critical 11712 Critical 11713 Critical 11714 Critical 11896 Critical 11897 Critical 11898 Critical 11923 Critical 11924 Critical 11801 Critical 11802 Critical 11803 Critical 11926 Critical 11927 Critical 11929 Critical 11930 Critical 11931 Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 <a href="http://eskamation.de/">Stefan Kanthak</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Libarchive Remote Code Execution Vulnerability <p><strong>Why is this a MITRE Corporation CVE?</strong></p> <p><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36976">CVE-2021-36976</a> is regarding a vulnerability in the libarchive open source library which is used by Windows. The January 2022 Windows Security Updates include the most recent version of this library which addresses the vulnerability and others. Please see <a href="https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=libarchive">libarchive CVEs</a> for more information regarding all of the vulnerabilities that have been addressed.</p> Windows Libarchive MITRE Corporation Yes CVE-2021-36976 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 1.0 2022-01-11T08:00:00 <p>Information published.</p> Active Directory Domain Services Elevation of Privilege Vulnerability <p><strong>What is the scope of this security update?</strong></p> <p>This update resolves an elevation of privilege vulnerability specific to Active Directory Domain Services environments with incoming trusts. Prior to this update, an attacker could elevate privileges across the trust boundary under certain conditions.</p> Windows Active Directory Microsoft Yes CVE-2022-21857 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Critical 11568 Critical 11569 Critical 11570 Critical 11571 Critical 11572 Critical 11712 Critical 11713 Critical 11714 Critical 11896 Critical 11897 Critical 11898 Critical 11923 Critical 11924 Critical 11801 Critical 11802 Critical 11803 Critical 11926 Critical 11927 Critical 11929 Critical 11930 Critical 11931 Critical 10729 Critical 10735 Critical 10852 Critical 10853 Critical 10816 Critical 10855 Critical 10047 Critical 10048 Critical 10481 Critical 10482 Critical 10484 Critical 9312 Critical 10287 Critical 9318 Critical 9344 Critical 10051 Critical 10049 Critical 10378 Critical 10379 Critical 10483 Critical 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Microsoft Yes CVE-2022-21872 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 aks.doker ,99k ,yuanheng lab aks.doker ,99k ,yuanheng lab 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Bind Filter Driver Elevation of Privilege Vulnerability Windows Bind Filter Driver Microsoft Yes CVE-2022-21858 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 k0shl with Kunlun Lab 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Accounts Control Elevation of Privilege Vulnerability Windows Account Control Microsoft Yes CVE-2022-21859 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10729 10735 10816 10855 10047 10048 10481 10482 10484 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows AppContracts API Server Elevation of Privilege Vulnerability Windows AppContracts API Server Microsoft Yes CVE-2022-21860 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10729 10735 10852 10853 10816 10855 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 1.0 2022-01-11T08:00:00 <p>Information published.</p> Task Flow Data Engine Elevation of Privilege Vulnerability Windows Task Flow Data Engine Microsoft Yes CVE-2022-21861 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Application Model Core API Elevation of Privilege Vulnerability Windows Application Model Microsoft Yes CVE-2022-21862 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows StateRepository API Server file Elevation of Privilege Vulnerability Windows StateRepository API Microsoft Yes CVE-2022-21863 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10852 10853 10816 10855 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows UI Immersive Server API Elevation of Privilege Vulnerability Windows UI Immersive Server Microsoft Yes CVE-2022-21864 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Connected Devices Platform Service Elevation of Privilege Vulnerability Windows Connected Devices Platform Service Microsoft Yes CVE-2022-21865 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows System Launcher Elevation of Privilege Vulnerability Windows System Launcher Microsoft Yes CVE-2022-21866 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Push Notifications Apps Elevation of Privilege Vulnerability Windows Push Notifications Microsoft Yes CVE-2022-21867 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Devices Human Interface Elevation of Privilege Vulnerability Windows Devices Human Interface Microsoft Yes CVE-2022-21868 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 1.0 2022-01-11T08:00:00 <p>Information published.</p> Clipboard User Service Elevation of Privilege Vulnerability Windows Clipboard User Service Microsoft Yes CVE-2022-21869 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 1.0 2022-01-11T08:00:00 <p>Information published.</p> Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability Tablet Windows User Interface Microsoft Yes CVE-2022-21870 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability Windows Diagnostic Hub Microsoft Yes CVE-2022-21871 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 11600 11785 11872 10577 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 11600 Elevation of Privilege 11785 Elevation of Privilege 11872 Elevation of Privilege 10577 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 11600 Important 11785 Important 11872 Important 10577 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11600 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11785 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11872 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10577 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 Release Notes http://aka.ms/vs/15/release/latest 11600 Maybe Security Update 15.9.44 https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes 11600 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.7 11785 Maybe Security Update 16.7.25 https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.7 11785 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.9 11872 Maybe Security Update 16.9.17 https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.9 11872 Release Notes 5011164 https://aka.ms/vs/14/release/5011164 5007275 10577 Maybe Security Update 27551.00 https://support.microsoft.com/help/5011164 10577 5011164 1.0 2022-01-11T08:00:00 <p>Information published.</p> 2.0 2022-02-08T08:00:00 <p>In the Security Updates table, added the following versions of Visual Studio as they also affected by CVE-2022-21871: Microsoft Visual Studio 2019 version 16.9, Microsoft Visual Studio 2019 version 16.7, Microsoft Visual Studio 2017 version 15.9, and Microsoft Visual Studio 2015 Update 3. Microsoft strongly recommends that customers running any of these versions of Visual Studio install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.</p> Tile Data Repository Elevation of Privilege Vulnerability Windows Tile Data Repository Microsoft Yes CVE-2022-21873 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Storage Elevation of Privilege Vulnerability Windows Storage Microsoft Yes CVE-2022-21875 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Win32k Information Disclosure Vulnerability <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.</p> Windows Win32K Microsoft Yes CVE-2022-21876 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10378 10379 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11570 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11712 Information Disclosure 11713 Information Disclosure 11714 Information Disclosure 11896 Information Disclosure 11897 Information Disclosure 11898 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11801 Information Disclosure 11802 Information Disclosure 11803 Information Disclosure 11926 Information Disclosure 11927 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 10729 Information Disclosure 10735 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11570 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11712 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11713 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11714 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11896 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11897 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11898 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11801 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11802 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11803 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11926 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11927 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10729 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10735 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 namnp working with <a href="https://www.zerodayinitiative.com/">Trend Micro Zero Day Initiative</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Security Center API Remote Code Execution Vulnerability Windows Security Center Microsoft Yes CVE-2022-21874 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11924 11898 11923 11801 11803 11802 11926 11929 11927 11930 11931 10735 10729 10855 10853 10816 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11924 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11801 Remote Code Execution 11803 Remote Code Execution 11802 Remote Code Execution 11926 Remote Code Execution 11929 Remote Code Execution 11927 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10735 Remote Code Execution 10729 Remote Code Execution 10855 Remote Code Execution 10853 Remote Code Execution 10816 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11924 Important 11898 Important 11923 Important 11801 Important 11803 Important 11802 Important 11926 Important 11929 Important 11927 Important 11930 Important 11931 Important 10735 Important 10729 Important 10855 Important 10853 Important 10816 Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11803 11802 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11924 11923 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11924 11923 5009555 5009555 https://support.microsoft.com/help/5009555 11924 11923 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11803 11802 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11803 11802 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10735 10729 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10735 10729 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10855 10853 10816 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10855 10853 10816 5009546 5009546 https://support.microsoft.com/help/5009546 10855 10853 10816 <a href="https://twitter.com/jq0904">Jinquan(@jq0904)</a> with <a href=" https://www.dbappsecurity.com.cn/product/cloud250.html">DBAPPSecurity Lieying Lab</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Storage Spaces Controller Information Disclosure Vulnerability <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.</p> Windows Storage Spaces Controller Microsoft Yes CVE-2022-21877 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11570 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11712 Information Disclosure 11713 Information Disclosure 11714 Information Disclosure 11896 Information Disclosure 11897 Information Disclosure 11898 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11801 Information Disclosure 11802 Information Disclosure 11803 Information Disclosure 11926 Information Disclosure 11927 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11570 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11712 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11713 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11714 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11896 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11897 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11898 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11801 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11802 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11803 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11926 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11927 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 <a href="http://www.zerodayinitiative.com/">Trend Micro’s Zero Day Initiative (ZDI)</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability Windows IKE Extension Microsoft Yes CVE-2022-21843 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 10051 10049 10378 10379 10483 10543 Denial of Service 11568 Denial of Service 11569 Denial of Service 11570 Denial of Service 11571 Denial of Service 11572 Denial of Service 11712 Denial of Service 11713 Denial of Service 11714 Denial of Service 11896 Denial of Service 11897 Denial of Service 11898 Denial of Service 11923 Denial of Service 11924 Denial of Service 11801 Denial of Service 11802 Denial of Service 11803 Denial of Service 11926 Denial of Service 11927 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Denial of Service 10729 Denial of Service 10735 Denial of Service 10852 Denial of Service 10853 Denial of Service 10816 Denial of Service 10855 Denial of Service 10047 Denial of Service 10048 Denial of Service 10481 Denial of Service 10482 Denial of Service 10484 Denial of Service 10051 Denial of Service 10049 Denial of Service 10378 Denial of Service 10379 Denial of Service 10483 Denial of Service 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11712 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11713 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11714 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11896 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11897 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11898 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11801 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11802 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11803 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11926 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11927 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10729 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10735 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10484 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10049 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <p>Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:</p> <p>Only systems with the IKE and AuthIP IPsec Keying Modules running are vulnerable to this attack.</p> <p>You can run either of the following commands to check the running status of this service:</p> <p>PS: <code>C:\&amp;gt; Get-Service Ikeext</code></p> <ul> <li>OR</li> </ul> <p>Cmd: <code>C:\&amp;gt; sc query ikeext</code></p> <p>This mitigation could have negative affects on your IPSec functionality. Microsoft strongly recommends updating your system with the latest Windows security updates.</p> <a href="https://www.youtube.com/watch?v=0AhPC_dHkHo">Polar Bear</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Microsoft Yes CVE-2022-21902 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10852 10853 10816 10855 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 <a href="https://twitter.com/hillstone_lab">He YiSheng, Zhang WangJunJie, and Li WenYue</a> with <a href="https://www.hillstonenet.com.cn/">Hillstone Network Security Research Institute</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows GDI Elevation of Privilege Vulnerability Microsoft Graphics Component Microsoft Yes CVE-2022-21903 11568 11569 11570 11571 11572 11712 11713 11714 11923 11924 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11923 Important 11924 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <a href="https://twitter.com/gaborseljan">G&#225;bor Selj&#225;n</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows GDI Information Disclosure Vulnerability <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.</p> Microsoft Graphics Component Microsoft Yes CVE-2022-21904 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11570 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11712 Information Disclosure 11713 Information Disclosure 11714 Information Disclosure 11896 Information Disclosure 11897 Information Disclosure 11898 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11801 Information Disclosure 11802 Information Disclosure 11803 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 10729 Information Disclosure 10735 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10047 Information Disclosure 10048 Information Disclosure 10481 Information Disclosure 10482 Information Disclosure 10484 Information Disclosure 9312 Information Disclosure 10287 Information Disclosure 9318 Information Disclosure 9344 Information Disclosure 10051 Information Disclosure 10049 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11712 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11713 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11714 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11896 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11897 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11898 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11801 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11802 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11803 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10729 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10735 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10484 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 9312 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10287 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 9318 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 9344 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10049 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <a href="https://twitter.com/gaborseljan">G&#225;bor Selj&#225;n</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Hyper-V Security Feature Bypass Vulnerability <p><strong>What configurations or versions could be at risk from this vulnerability?</strong></p> <p>This bypass could affect any Hyper-V configurations that are using Router Guard.</p> <p><strong>What is the exposure if the vulnerability was bypassed?</strong></p> <p>Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router paths.</p> Role: Windows Hyper-V Microsoft Yes CVE-2022-21905 11569 11571 11572 11713 11896 11923 11924 11803 11926 11931 10735 10853 10816 10855 10048 10482 10051 10049 10378 10379 10483 10543 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11713 Security Feature Bypass 11896 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11803 Security Feature Bypass 11926 Security Feature Bypass 11931 Security Feature Bypass 10735 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 10048 Security Feature Bypass 10482 Security Feature Bypass 10051 Security Feature Bypass 10049 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Important 11569 Important 11571 Important 11572 Important 11713 Important 11896 Important 11923 Important 11924 Important 11803 Important 11926 Important 11931 Important 10735 Important 10853 Important 10816 Important 10855 Important 10048 Important 10482 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11569 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11571 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11572 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11713 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11896 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11923 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11924 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11803 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11926 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11931 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10735 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10853 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10816 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10855 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10048 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10482 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10051 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10049 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10378 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10379 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10483 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11569 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11569 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11569 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11713 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11713 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11803 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 5009566 5009566 https://support.microsoft.com/help/5009566 11926 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10482 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10482 10483 10543 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <a href="https://blog.champtar.fr/">Etienne Champetier (@champtar)</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Defender Application Control Security Feature Bypass Vulnerability Windows Defender Microsoft Yes CVE-2022-21906 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11570 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11712 Security Feature Bypass 11713 Security Feature Bypass 11714 Security Feature Bypass 11896 Security Feature Bypass 11897 Security Feature Bypass 11898 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11801 Security Feature Bypass 11802 Security Feature Bypass 11803 Security Feature Bypass 11926 Security Feature Bypass 11927 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11570 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11712 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11713 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11714 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11896 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11897 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11898 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11801 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11802 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11803 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11926 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11927 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 1.0 2022-01-11T08:00:00 <p>Information published.</p> HTTP Protocol Stack Remote Code Execution Vulnerability <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets.</p> <p><strong>Is this wormable?</strong></p> <p>Yes. Microsoft recommends prioritizing the patching of affected servers.</p> <p><strong>Windows 10, Version 1909 is not in the Security Updates table. Is it affected by this vulnerability?</strong></p> <p>No, the vulnerable code does not exist in Windows 10, version 1909. It is not affected by this vulnerability.</p> <p><strong>Is the EnableTrailerSupport registry key present in any other platform than Windows Server 2019 and Windows 10, version 1809?</strong></p> <p>No, the registry key is only present in Windows Server 2019 and Windows 10, version 1809.</p> Windows HTTP Protocol Stack Microsoft Yes CVE-2022-21907 11568 11569 11570 11571 11572 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Critical 11568 Critical 11569 Critical 11570 Critical 11571 Critical 11572 Critical 11896 Critical 11897 Critical 11898 Critical 11923 Critical 11924 Critical 11801 Critical 11802 Critical 11803 Critical 11926 Critical 11927 Critical 11929 Critical 11930 Critical 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 <p>Windows Server 2019 and Windows 10 version 1809 are <strong>not vulnerable</strong> by default. Unless you have enabled the HTTP Trailer Support via <strong>EnableTrailerSupport</strong> registry value, the systems are not vulnerable.</p> <p>Delete the DWORD registry value &quot;EnableTrailerSupport&quot; if present under:</p> <p><code> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters</code></p> <p>This mitigation only applies to Windows Server 2019 and Windows 10, version 1809 and does not apply to Windows 10, version 20H2 and newer.</p> <a href="https://m3ikshizuka.github.io/">Mikhail Medvedev (M3ik Shizuka)</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> 1.1 2022-01-12T08:00:00 <p>Clarified the mitigation and added FAQs. These are informational changes only.</p> Windows Installer Elevation of Privilege Vulnerability Windows Installer Microsoft Yes CVE-2022-21908 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Michael DePlante (@izobashi) of <a href="https://www.zerodayinitiative.com/">Trend Micro Zero Day Initiative</a> Levi Broderick, Microsoft and <a href="https://twitter.com/arudd1ck">Andrew Ruddick</a>, Microsoft Security Response Center 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Cluster Port Driver Elevation of Privilege Vulnerability Windows Cluster Port Driver Microsoft Yes CVE-2022-21910 11571 11572 11923 11924 11803 10816 10855 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11803 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11571 Important 11572 Important 11923 Important 11924 Important 11803 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11571 11572 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11803 5009543 5009543 https://support.microsoft.com/help/5009543 11803 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10816 10855 JIWO Technology Co., Ltd 1.0 2022-01-11T08:00:00 <p>Information published.</p> .NET Framework Denial of Service Vulnerability .NET Framework Microsoft Yes CVE-2022-21911 11529-10379 11676-11803 11650-10049 11650-10379 11676-11713 11676-11802 11650-10852 11529-10482 11676-11569 11650-10853 11676-11714 11676-11572 11650-10481 11676-11801 11529-10049 11650-10855 11650-10484 11650-10543 11650-10483 11529-10543 11650-10047 11650-10482 11676-11571 11650-10378 11650-10051 11529-10048 11650-10048 11676-11568 11529-10484 11529-10481 11529-10483 11529-10051 11529-10047 11650-10816 11676-11712 11529-10378 11677-11568 11677-11569 11677-11570 11677-11571 11723-10852 11677-10735 11677-11572 11723-10853 11723-10816 11677-10729 11723-10855 9292-9312 10728-9318 9292-9318 10728-9312 2472-10481 2472-10482 2472-10378 2472-10379 2472-10483 2472-10543 9495-10047 9495-10048 9495-10051 10636-10047 10636-10048 10636-10481 10636-10482 10636-10484 10636-9312 10636-9318 10636-10378 10636-10543 10636-10049 10636-10051 10636-10483 10636-10379 11676-11896 11676-11897 11676-11898 11676-11929 11676-11930 11676-11923 11676-11924 11676-11926 Denial of Service 11529-10379 Denial of Service 11676-11803 Denial of Service 11650-10049 Denial of Service 11650-10379 Denial of Service 11676-11713 Denial of Service 11676-11802 Denial of Service 11650-10852 Denial of Service 11529-10482 Denial of Service 11676-11569 Denial of Service 11650-10853 Denial of Service 11676-11714 Denial of Service 11676-11572 Denial of Service 11650-10481 Denial of Service 11676-11801 Denial of Service 11529-10049 Denial of Service 11650-10855 Denial of Service 11650-10484 Denial of Service 11650-10543 Denial of Service 11650-10483 Denial of Service 11529-10543 Denial of Service 11650-10047 Denial of Service 11650-10482 Denial of Service 11676-11571 Denial of Service 11650-10378 Denial of Service 11650-10051 Denial of Service 11529-10048 Denial of Service 11650-10048 Denial of Service 11676-11568 Denial of Service 11529-10484 Denial of Service 11529-10481 Denial of Service 11529-10483 Denial of Service 11529-10051 Denial of Service 11529-10047 Denial of Service 11650-10816 Denial of Service 11676-11712 Denial of Service 11529-10378 Denial of Service 11677-11568 Denial of Service 11677-11569 Denial of Service 11677-11570 Denial of Service 11677-11571 Denial of Service 11723-10852 Denial of Service 11677-10735 Denial of Service 11677-11572 Denial of Service 11723-10853 Denial of Service 11723-10816 Denial of Service 11677-10729 Denial of Service 11723-10855 Denial of Service 9292-9312 Denial of Service 10728-9318 Denial of Service 9292-9318 Denial of Service 10728-9312 Denial of Service 2472-10481 Denial of Service 2472-10482 Denial of Service 2472-10378 Denial of Service 2472-10379 Denial of Service 2472-10483 Denial of Service 2472-10543 Denial of Service 9495-10047 Denial of Service 9495-10048 Denial of Service 9495-10051 Denial of Service 10636-10047 Denial of Service 10636-10048 Denial of Service 10636-10481 Denial of Service 10636-10482 Denial of Service 10636-10484 Denial of Service 10636-9312 Denial of Service 10636-9318 Denial of Service 10636-10378 Denial of Service 10636-10543 Denial of Service 10636-10049 Denial of Service 10636-10051 Denial of Service 10636-10483 Denial of Service 10636-10379 Denial of Service 11676-11896 Denial of Service 11676-11897 Denial of Service 11676-11898 Denial of Service 11676-11929 Denial of Service 11676-11930 Denial of Service 11676-11923 Denial of Service 11676-11924 Denial of Service 11676-11926 Important 11529-10379 Important 11676-11803 Important 11650-10049 Important 11650-10379 Important 11676-11713 Important 11676-11802 Important 11650-10852 Important 11529-10482 Important 11676-11569 Important 11650-10853 Important 11676-11714 Important 11676-11572 Important 11650-10481 Important 11676-11801 Important 11529-10049 Important 11650-10855 Important 11650-10484 Important 11650-10543 Important 11650-10483 Important 11529-10543 Important 11650-10047 Important 11650-10482 Important 11676-11571 Important 11650-10378 Important 11650-10051 Important 11529-10048 Important 11650-10048 Important 11676-11568 Important 11529-10484 Important 11529-10481 Important 11529-10483 Important 11529-10051 Important 11529-10047 Important 11650-10816 Important 11676-11712 Important 11529-10378 Important 11677-11568 Important 11677-11569 Important 11677-11570 Important 11677-11571 Important 11723-10852 Important 11677-10735 Important 11677-11572 Important 11723-10853 Important 11723-10816 Important 11677-10729 Important 11723-10855 Important 9292-9312 Important 10728-9318 Important 9292-9318 Important 10728-9312 Important 2472-10481 Important 2472-10482 Important 2472-10378 Important 2472-10379 Important 2472-10483 Important 2472-10543 Important 9495-10047 Important 9495-10048 Important 9495-10051 Important 10636-10047 Important 10636-10048 Important 10636-10481 Important 10636-10482 Important 10636-10484 Important 10636-9312 Important 10636-9318 Important 10636-10378 Important 10636-10543 Important 10636-10049 Important 10636-10051 Important 10636-10483 Important 10636-10379 Important 11676-11896 Important 11676-11897 Important 11676-11898 Important 11676-11929 Important 11676-11930 Important 11676-11923 Important 11676-11924 Important 11676-11926 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11803 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10049 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11713 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11802 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11714 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11801 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10049 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10484 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10484 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11712 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11529-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11723-10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-10735 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11723-10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11723-10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-10729 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11723-10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 9292-9312 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10728-9318 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 9292-9318 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10728-9312 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 9495-10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 9495-10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 9495-10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10484 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-9312 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-9318 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10049 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10636-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11896 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11897 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11898 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11926 5009720 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008874 4578961 11529-10379 11529-10378 Maybe Monthly Rollup 4.7.3905.0 https://support.microsoft.com/help/5009720 11529-10379 11529-10378 5009720 5009712 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008894 4601093 11529-10379 11529-10378 Maybe Security Only 4.7.3905.0 https://support.microsoft.com/help/5009712 11529-10379 11529-10378 5009712 5008876 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008876 11676-11803 11676-11802 11676-11801 11676-11896 11676-11897 11676-11898 11676-11929 11676-11930 Maybe Security Update 4.8.4465.0 https://support.microsoft.com/help/5008876 11676-11803 11676-11802 11676-11801 11676-11896 11676-11897 11676-11898 11676-11929 11676-11930 5008876 5009719 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008858 4578977 11650-10049 11650-10047 11650-10051 11650-10048 Maybe Monthly Rollup 4.8.4465.0 https://support.microsoft.com/help/5009719 11650-10049 11650-10047 11650-10051 11650-10048 5009719 5009711 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008885 4601089 11650-10049 11650-10047 11650-10051 11650-10048 Maybe Security Only 4.8.4465.0 https://support.microsoft.com/help/5009711 11650-10049 11650-10047 11650-10051 11650-10048 5009711 5009720 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008881 4578975 11650-10379 11650-10378 Maybe Monthly Rollup 4.8.4465.0 https://support.microsoft.com/help/5009720 11650-10379 11650-10378 5009720 5009712 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008896 4601091 11650-10379 11650-10378 Maybe Security Only 4.8.4465.0 https://support.microsoft.com/help/5009712 11650-10379 11650-10378 5009712 5008879 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008879 4578974 11676-11713 11676-11714 11676-11712 Maybe Security Update 4.8.4465.0 https://support.microsoft.com/help/5008879 11676-11713 11676-11714 11676-11712 5008879 5008877 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008877 4603002 11650-10852 11650-10853 11650-10855 11650-10816 Maybe Security Update 4.8.4465.0 https://support.microsoft.com/help/5008877 11650-10852 11650-10853 11650-10855 11650-10816 5008877 5009721 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008875 4601048 11529-10482 11529-10543 11529-10481 11529-10483 Maybe Monthly Rollup 4.7.3905.0 https://support.microsoft.com/help/5009721 11529-10482 11529-10543 11529-10481 11529-10483 5009721 5009713 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008895 4601094 11529-10482 11529-10543 11529-10481 11529-10483 Maybe Security Only 4.7.3905.0 https://support.microsoft.com/help/5009713 11529-10482 11529-10543 11529-10481 11529-10483 5009713 5009718 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008878 4578973 11676-11569 11676-11572 11676-11571 11676-11568 Maybe Security Update 4.8.4465.0 https://support.microsoft.com/help/5009718 11676-11569 11676-11572 11676-11571 11676-11568 5009718 5009721 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008883 4601058 11650-10481 11650-10543 11650-10483 11650-10482 Maybe Monthly Rollup 4.8.4465.0 https://support.microsoft.com/help/5009721 11650-10481 11650-10543 11650-10483 11650-10482 5009721 5009713 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008897 4601092 11650-10481 11650-10543 11650-10483 11650-10482 Maybe Security Only 4.8.4465.0 https://support.microsoft.com/help/5009713 11650-10481 11650-10543 11650-10483 11650-10482 5009713 5009719 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008859 4578963 11529-10049 11529-10048 11529-10051 11529-10047 Maybe Monthly Rollup 4.7.3905.0 https://support.microsoft.com/help/5009719 11529-10049 11529-10048 11529-10051 11529-10047 5009719 5009711 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008886 4601090 11529-10049 11529-10048 11529-10051 Maybe Security Only 4.7.3905.0 https://support.microsoft.com/help/5009711 11529-10049 11529-10048 11529-10051 5009711 5009721 4601058 11650-10484 Maybe Monthly Rollup 4.8.4465.0 https://support.microsoft.com/help/5009721 11650-10484 5009721 5009721 4601048 11529-10484 Maybe Monthly Rollup 4.7.3905.0 https://support.microsoft.com/help/5009721 11529-10484 5009721 5009711 4601090 11529-10047 Maybe Security Only 4.7.3905.0 https://support.microsoft.com/help/5009711 11529-10047 5009711 5009718 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008873 4579976 11677-11568 11677-11569 11677-11570 11677-11571 11677-11572 Maybe Security Update 4.7.3905.0 https://support.microsoft.com/help/5009718 11677-11568 11677-11569 11677-11570 11677-11571 11677-11572 5009718 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 11723-10852 11723-10853 11723-10816 11723-10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 11723-10852 11723-10853 11723-10816 11723-10855 5009546 5009546 https://support.microsoft.com/help/5009546 11723-10852 11723-10853 11723-10816 11723-10855 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 11677-10735 11677-10729 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 11677-10735 11677-10729 5009585 5009722 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008866 4579980 9292-9312 9292-9318 Maybe Monthly Rollup 2.0.50727.8955 https://support.microsoft.com/help/5009722 9292-9312 9292-9318 5009722 5009714 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008889 4578979 9292-9312 9292-9318 Maybe Security Only 2.0.50727.8955 https://support.microsoft.com/help/5009714 9292-9312 9292-9318 5009714 5009722 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008859 4578963 10728-9318 10728-9312 Maybe Monthly Rollup 4.7.3905.0 https://support.microsoft.com/help/5009722 10728-9318 10728-9312 5009722 5009714 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008886 4601090 10728-9318 10728-9312 Maybe Security Only 4.7.3905.0 https://support.microsoft.com/help/5009714 10728-9318 10728-9312 5009714 5009721 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008868 4578953 2472-10481 2472-10482 2472-10483 2472-10543 Maybe Monthly Rollup 2.0.50727.8955 https://support.microsoft.com/help/5009721 2472-10481 2472-10482 2472-10483 2472-10543 5009721 5009713 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008891 4578981 2472-10481 2472-10482 2472-10483 2472-10543 Maybe Security Only 2.0.50727.8955 https://support.microsoft.com/help/5009713 2472-10481 2472-10482 2472-10483 2472-10543 5009713 5009720 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008865 4578950 2472-10378 2472-10379 Maybe Monthly Rollup 2.0.50727.8955 https://support.microsoft.com/help/5009720 2472-10378 2472-10379 5009720 5009712 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008888 4578978 2472-10378 2472-10379 Maybe Security Only 2.0.50727.8955 https://support.microsoft.com/help/5009712 2472-10378 2472-10379 5009712 5009719 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008867 4578952 9495-10047 9495-10048 9495-10051 Maybe Monthly Rollup 2.0.50727.8955 https://support.microsoft.com/help/5009719 9495-10047 9495-10048 9495-10051 5009719 5009711 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008890 4578980 9495-10047 9495-10048 9495-10051 Maybe Security Only 2.0.50727.8955 https://support.microsoft.com/help/5009711 9495-10047 9495-10048 9495-10051 5009711 5009719 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008860 4578955 10636-10047 10636-10048 10636-10049 10636-10051 Maybe Monthly Rollup 4.0.30319.36720 https://support.microsoft.com/help/5009719 10636-10047 10636-10048 10636-10049 10636-10051 5009719 5009711 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008887 4578983 10636-10047 10636-10048 10636-10049 10636-10051 Maybe Security Only 4.0.30319.36720 https://support.microsoft.com/help/5009711 10636-10047 10636-10048 10636-10049 10636-10051 5009711 5009721 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008870 4578956 10636-10481 10636-10482 10636-10543 10636-10483 Maybe Monthly Rollup 4.0.30319.36720 https://support.microsoft.com/help/5009721 10636-10481 10636-10482 10636-10543 10636-10483 5009721 5009713 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008893 4578984 10636-10481 10636-10482 10636-10543 10636-10483 Maybe Security Only 4.0.30319.36720 https://support.microsoft.com/help/5009713 10636-10481 10636-10482 10636-10543 10636-10483 5009713 5009721 4578956 10636-10484 Maybe Monthly Rollup 4.0.30319.36720 https://support.microsoft.com/help/5009721 10636-10484 5009721 5009722 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008860 4578955 10636-9312 10636-9318 Maybe Monthly Rollup 4.0.30319.36720 https://support.microsoft.com/help/5009722 10636-9312 10636-9318 5009722 5009714 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008887 4578983 10636-9312 10636-9318 Maybe Security Only 4.0.30319.36720 https://support.microsoft.com/help/5009714 10636-9312 10636-9318 5009714 5009720 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008869 4578954 10636-10378 10636-10379 Maybe Monthly Rollup 4.0.30319.36720 https://support.microsoft.com/help/5009720 10636-10378 10636-10379 5009720 5009712 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008892 4578982 10636-10378 10636-10379 Maybe Security Only 4.0.30319.36720 https://support.microsoft.com/help/5009712 10636-10378 10636-10379 5009712 5008882 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008882 11676-11923 11676-11924 Maybe Security Update 4.8.4465.0 https://support.microsoft.com/help/5008882 11676-11923 11676-11924 5008882 5008880 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008880 11676-11926 Maybe Security Update 4.8.4465.0 https://support.microsoft.com/help/5008880 11676-11926 5008880 1.0 2022-01-11T08:00:00 <p>Information published.</p> DirectX Graphics Kernel Remote Code Execution Vulnerability <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An authenticated attacker could take advantage of a vulnerability in dxgkrnl.sys to execute an arbitrary pointer dereference in kernel mode.</p> <p><strong>According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?</strong></p> <p>Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges.</p> Windows DirectX Microsoft Yes CVE-2022-21912 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11801 11802 11803 11929 11930 11931 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Critical 11568 Critical 11569 Critical 11570 Critical 11571 Critical 11572 Critical 11712 Critical 11713 Critical 11714 Critical 11896 Critical 11897 Critical 11898 Critical 11801 Critical 11802 Critical 11803 Critical 11929 Critical 11930 Critical 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 HongZhenhao of Ant Group Light-Year Security Lab 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows GDI+ Information Disclosure Vulnerability <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.</p> Microsoft Graphics Component Microsoft Yes CVE-2022-21915 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11570 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11712 Information Disclosure 11713 Information Disclosure 11714 Information Disclosure 11896 Information Disclosure 11897 Information Disclosure 11898 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11801 Information Disclosure 11802 Information Disclosure 11803 Information Disclosure 11926 Information Disclosure 11927 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 10729 Information Disclosure 10735 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10047 Information Disclosure 10048 Information Disclosure 10481 Information Disclosure 10482 Information Disclosure 10484 Information Disclosure 9312 Information Disclosure 10287 Information Disclosure 9318 Information Disclosure 9344 Information Disclosure 10051 Information Disclosure 10049 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11570 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11712 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11713 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11714 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11896 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11897 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11898 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11801 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11802 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11803 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11926 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11927 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10729 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10735 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10047 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10048 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10481 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10482 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10484 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 9312 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10287 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 9318 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 9344 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10051 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10049 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <a href="https://twitter.com/gaborseljan">G&#225;bor Selj&#225;n</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass <p><strong>Where can I find more information?</strong></p> <p>Please see <a href="https://support.microsoft.com/help/5010265">KB5010265 adds AES encryption protections to the MS-LSAD protocol for CVE-2022-21913</a> for more information about how to protect yourself.</p> Windows Local Security Authority Microsoft Yes CVE-2022-21913 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11570 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11712 Security Feature Bypass 11713 Security Feature Bypass 11714 Security Feature Bypass 11896 Security Feature Bypass 11897 Security Feature Bypass 11898 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11801 Security Feature Bypass 11802 Security Feature Bypass 11803 Security Feature Bypass 11926 Security Feature Bypass 11927 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 10729 Security Feature Bypass 10735 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 10047 Security Feature Bypass 10048 Security Feature Bypass 10481 Security Feature Bypass 10482 Security Feature Bypass 10484 Security Feature Bypass 9312 Security Feature Bypass 10287 Security Feature Bypass 9318 Security Feature Bypass 9344 Security Feature Bypass 10051 Security Feature Bypass 10049 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11568 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11569 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11570 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11571 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11572 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11712 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11713 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11714 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11896 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11897 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11898 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11923 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11924 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11801 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11802 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11803 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11926 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11927 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11929 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11930 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11931 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10729 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10735 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10852 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10853 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10816 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10855 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10047 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10048 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10481 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10482 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10484 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 9312 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10287 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 9318 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 9344 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10051 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10049 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10378 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10379 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10483 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Andrew Bartlett of Catalyst IT 1.0 2022-01-11T08:00:00 <p>Information published.</p> 1.1 2022-01-13T08:00:00 <p>Added an FAQ. This is an information change only.</p> Windows Certificate Spoofing Vulnerability <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>A successful attacker could bypass the WPBT binary verification by using a small number of compromised certificates. Microsoft has added those certificates to the Windows kernel driver block list, driver.stl. Certificates on the driver.stl will be blocked even if present in the Windows Platform Binary Table (WPBT).</p> <p>In addition, Microsoft recommends customers use Windows Defender Application Control (WDAC) to limit what is allowed to run on their devices. WDAC policy is also enforced for binaries included in the WPBT and should mitigate this issue. We recommend customers implement a WDAC policy that is as restrictive as practical for their environment. You can find documentation on WDAC on <a href="https://docs.microsoft.com">https://docs.microsoft.com</a>.</p> Windows Certificates Microsoft Yes CVE-2022-21836 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Spoofing 11568 Spoofing 11569 Spoofing 11570 Spoofing 11571 Spoofing 11572 Spoofing 11712 Spoofing 11713 Spoofing 11714 Spoofing 11896 Spoofing 11897 Spoofing 11898 Spoofing 11923 Spoofing 11924 Spoofing 11801 Spoofing 11802 Spoofing 11803 Spoofing 11926 Spoofing 11927 Spoofing 11929 Spoofing 11930 Spoofing 11931 Spoofing 10729 Spoofing 10735 Spoofing 10852 Spoofing 10853 Spoofing 10816 Spoofing 10855 Spoofing 10047 Spoofing 10048 Spoofing 10481 Spoofing 10482 Spoofing 10484 Spoofing 9312 Spoofing 10287 Spoofing 9318 Spoofing 9344 Spoofing 10051 Spoofing 10049 Spoofing 10378 Spoofing 10379 Spoofing 10483 Spoofing 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11568 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11569 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11570 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11571 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11572 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11712 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11713 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11714 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11896 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11897 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11898 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11923 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11924 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11801 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11802 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11803 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11926 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11927 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11929 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11930 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11931 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10729 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10735 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10852 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10853 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10816 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10855 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10047 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10048 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10481 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10482 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10484 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 9312 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10287 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 9318 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 9344 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10051 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10049 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10378 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10379 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10483 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Mickey Shkatov 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Remote Access Connection Manager Elevation of Privilege Vulnerability <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>A local, authenticated attacker could gain elevated privileges through a vulnerable file system component.</p> Windows Remote Access Connection Manager Microsoft Yes CVE-2022-21914 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 StackLeader in Tianfu Cup 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service Microsoft Yes CVE-2022-21895 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Qinrun Dai(@2st) of Singular Security Lab Abdelhamid Naceri working with <a href="https://www.zerodayinitiative.com/">Trend Micro Zero Day Initiative</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Microsoft Yes CVE-2022-21916 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <a href="https://twitter.com/thunderj17">Thunder J</a> and <a href="https://twitter.com/secboxer">Boxer</a> <a href="https://www.cyberkl.com/">BugHunter010</a> with <a href="https://www.cyberkl.com/">KunLun Lab</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> HEVC Video Extensions Remote Code Execution Vulnerability <p><strong>How could an attacker exploit the vulnerability?</strong></p> <p>A crafted image file could cause a crash in Explorer during browsing of the directory containing the file.</p> <p><strong>How do I get the updated app?</strong></p> <p>The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see <a href="https://support.microsoft.com/en-us/account-billing/get-updates-for-apps-and-games-in-microsoft-store-a1fe19c0-532d-ec47-7035-d1c5a1dd464f">here</a> for details.</p> <p>It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.</p> <p><strong>My system is in a disconnected environment; is it vulnerable?</strong></p> <p>Customers using the the Volume Licensing Servicing Center can get this update through their organizations.</p> <p><strong>How can I check if the update is installed?</strong></p> <p>If your device manufacturer preinstalled this app, package versions <strong>1.0.43421.0</strong> and later contain this update.</p> <p>If you purchased this app from the Microsoft Store, package versions <strong>1.0.43422.0</strong> and later contain this update.</p> <p>You can check the package version in PowerShell:</p> <p><code>Get-AppxPackage -Name Microsoft.HEVCVideoExtension*</code></p> <p><strong>How could an attacker exploit the vulnerability?</strong></p> <p>This vulnerability requires an authenticated victim to be tricked into opening a specially crafted media file which could result in remote code execution on the victim's machine.</p> Microsoft Windows Codecs Library Microsoft Yes CVE-2022-21917 11808 Remote Code Execution 11808 Critical 11808 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11808 Update Information 11808 Maybe Security Update 1.0.43421.0 & 1.0.43422.0 https://support.microsoft.com/en-us/account-billing/get-updates-for-apps-and-games-in-microsoft-store-a1fe19c0-532d-ec47-7035-d1c5a1dd464f 11808 Update Information Dhanesh Kizhakkinan with Mandiant 1.0 2022-01-11T08:00:00 <p>Information published.</p> DirectX Graphics Kernel File Denial of Service Vulnerability Windows DirectX Microsoft Yes CVE-2022-21918 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Denial of Service 11568 Denial of Service 11569 Denial of Service 11570 Denial of Service 11571 Denial of Service 11572 Denial of Service 11712 Denial of Service 11713 Denial of Service 11714 Denial of Service 11896 Denial of Service 11897 Denial of Service 11898 Denial of Service 11923 Denial of Service 11924 Denial of Service 11801 Denial of Service 11802 Denial of Service 11803 Denial of Service 11926 Denial of Service 11927 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11568 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11569 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11570 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11712 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11713 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11714 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11896 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11897 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11898 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11801 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11802 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11803 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11926 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11927 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 HongZhenhao of Ant Group Light-Year Security Lab 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service Microsoft Yes CVE-2022-21919 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11568 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11569 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11570 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11571 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11572 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11712 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11713 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11714 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11896 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11897 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11898 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11923 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11924 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11801 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11802 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11803 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11926 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11927 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11929 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11930 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11931 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10729 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10735 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10852 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10853 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10816 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10855 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10047 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10048 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10481 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10482 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10484 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 9312 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10287 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 9318 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 9344 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10051 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10049 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10378 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10379 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10483 7.0 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Kerberos Elevation of Privilege Vulnerability <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain domain administrator privileges.</p> Windows Kerberos Microsoft Yes CVE-2022-21920 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Defender Credential Guard Security Feature Bypass Vulnerability Windows Defender Microsoft Yes CVE-2022-21921 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Security Feature Bypass 11896 Security Feature Bypass 11897 Security Feature Bypass 11898 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11801 Security Feature Bypass 11802 Security Feature Bypass 11803 Security Feature Bypass 11926 Security Feature Bypass 11927 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11896 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11897 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11898 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11801 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11802 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11803 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11926 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11927 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 1.0 2022-01-11T08:00:00 <p>Information published.</p> Remote Procedure Call Runtime Remote Code Execution Vulnerability <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>The authenticated attacker could take advantage of this vulnerability to execute malicious code through the RPC runtime.</p> <p><strong>According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?</strong></p> <p>Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges.</p> <p><strong>What is RPC runtime?</strong></p> <p>See <a href="https://docs.microsoft.com/en-us/windows/win32/rpc/rpc-start-page">Remote procedure call (RPC)</a> for more information on RPC and RPC Runtime.</p> Windows Remote Procedure Call Runtime Microsoft Yes CVE-2022-21922 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10047 Remote Code Execution 10048 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 9312 Remote Code Execution 10287 Remote Code Execution 9318 Remote Code Execution 9344 Remote Code Execution 10051 Remote Code Execution 10049 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Resilient File System (ReFS) Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?</strong></p> <p>An attacker with physical access to a vulnerable system could insert a specially crafted USB device.</p> <p><strong>Are there additional attack vectors?</strong></p> <p>This vulnerability could also be exploited through a local attack vector. An attacker authenticated as an administrator on a vulnerable system could mount a specially crafted virtual hard drive (VHD) to exploit the system. This scenario results in a lower CVSS score which is why the primary attack vector is listed as Physical in our documentation.</p> Windows Resilient File System (ReFS) Microsoft Yes CVE-2022-21928 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11568 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11569 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11570 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11571 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11572 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11712 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11713 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11714 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11896 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11897 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11898 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11923 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11924 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11801 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11802 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11803 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11926 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11927 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11929 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11930 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11931 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10729 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10735 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10852 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10853 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10816 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10855 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10481 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10482 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10484 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10378 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10379 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10483 6.3 5.7 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Tobias Groß with <a href="https://www.cs1.tf.fau.de">Friedrich-Alexander University (FAU) Erlangen-Nürnberg, Germany</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Resilient File System (ReFS) Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?</strong></p> <p>An attacker with physical access to a vulnerable system could insert a specially crafted USB device.</p> <p><strong>Are there additional attack vectors?</strong></p> <p>This vulnerability could also be exploited through a local attack vector. An attacker authenticated as an administrator on a vulnerable system could mount a specially crafted virtual hard drive (VHD) to exploit the system. This scenario results in a lower CVSS score which is why the primary attack vector is listed as Physical in our documentation.</p> Windows Resilient File System (ReFS) Microsoft Yes CVE-2022-21958 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11568 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11569 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11570 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11571 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11572 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11712 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11713 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11714 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11896 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11897 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11898 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11923 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11924 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11801 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11802 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11803 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11926 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11927 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11929 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11930 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11931 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10729 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10735 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10852 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10853 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10816 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10855 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10481 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10482 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10484 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10378 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10379 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10483 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Tobias Groß with <a href="https://www.cs1.tf.fau.de">Friedrich-Alexander University (FAU) Erlangen-Nürnberg, Germany</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Resilient File System (ReFS) Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?</strong></p> <p>An attacker with physical access to a vulnerable system could insert a specially crafted USB device.</p> <p><strong>Are there additional attack vectors?</strong></p> <p>This vulnerability could also be exploited through a local attack vector. An attacker authenticated as an administrator on a vulnerable system could mount a specially crafted virtual hard drive (VHD) to exploit the system. This scenario results in a lower CVSS score which is why the primary attack vector is listed as Physical in our documentation.</p> Windows Resilient File System (ReFS) Microsoft Yes CVE-2022-21959 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11568 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11569 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11570 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11571 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11572 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11712 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11713 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11714 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11896 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11897 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11898 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11923 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11924 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11801 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11802 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11803 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11926 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11927 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11929 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11930 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11931 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10729 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10735 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10852 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10853 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10816 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10855 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10481 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10482 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10484 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10378 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10379 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10483 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Tobias Groß with <a href="https://www.cs1.tf.fau.de">Friedrich-Alexander University (FAU) Erlangen-Nürnberg, Germany</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Resilient File System (ReFS) Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?</strong></p> <p>An attacker with physical access to a vulnerable system could insert a specially crafted USB device.</p> <p><strong>Are there additional attack vectors?</strong></p> <p>This vulnerability could also be exploited through a local attack vector. An attacker authenticated as an administrator on a vulnerable system could mount a specially crafted virtual hard drive (VHD) to exploit the system. This scenario results in a lower CVSS score which is why the primary attack vector is listed as Physical in our documentation.</p> Windows Resilient File System (ReFS) Microsoft Yes CVE-2022-21960 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11568 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11569 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11570 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11571 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11572 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11712 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11713 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11714 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11896 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11897 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11898 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11923 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11924 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11801 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11802 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11803 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11926 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11927 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11929 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11930 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11931 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10729 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10735 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10852 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10853 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10816 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10855 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10481 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10482 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10484 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10378 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10379 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10483 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Tobias Groß with <a href="https://www.cs1.tf.fau.de">Friedrich-Alexander University (FAU) Erlangen-Nürnberg, Germany</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Resilient File System (ReFS) Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?</strong></p> <p>An attacker with physical access to a vulnerable system could insert a specially crafted USB device.</p> <p><strong>Are there additional attack vectors?</strong></p> <p>This vulnerability could also be exploited through a local attack vector. An attacker authenticated as an administrator on a vulnerable system could mount a specially crafted virtual hard drive (VHD) to exploit the system. This scenario results in a lower CVSS score which is why the primary attack vector is listed as Physical in our documentation.</p> Windows Resilient File System (ReFS) Microsoft Yes CVE-2022-21961 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11568 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11569 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11570 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11571 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11572 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11712 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11713 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11714 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11896 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11897 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11898 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11923 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11924 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11801 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11802 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11803 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11926 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11927 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11929 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11930 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11931 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10729 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10735 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10852 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10853 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10816 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10855 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10481 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10482 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10484 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10378 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10379 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10483 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Tobias Groß with <a href="https://www.cs1.tf.fau.de">Friedrich-Alexander University (FAU) Erlangen-Nürnberg, Germany</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Resilient File System (ReFS) Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?</strong></p> <p>An attacker with physical access to a vulnerable system could insert a specially crafted USB device.</p> <p><strong>Are there additional attack vectors?</strong></p> <p>This vulnerability could also be exploited through a local attack vector. An attacker authenticated as an administrator on a vulnerable system could mount a specially crafted virtual hard drive (VHD) to exploit the system. This scenario results in a lower CVSS score which is why the primary attack vector is listed as Physical in our documentation.</p> Windows Resilient File System (ReFS) Microsoft Yes CVE-2022-21962 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11568 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11569 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11570 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11571 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11572 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11712 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11713 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11714 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11896 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11897 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11898 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11923 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11924 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11801 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11802 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11803 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11926 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11927 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11929 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11930 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11931 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10729 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10735 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10852 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10853 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10816 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10855 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10481 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10482 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10484 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10378 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10379 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10483 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Tobias Groß with <a href="https://www.cs1.tf.fau.de">Friedrich-Alexander University (FAU) Erlangen-Nürnberg, Germany</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Resilient File System (ReFS) Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?</strong></p> <p>An attacker with physical access to a vulnerable system could insert a specially crafted USB device.</p> <p><strong>Are there additional attack vectors?</strong></p> <p>This vulnerability could also be exploited through a local attack vector. An attacker authenticated as an administrator on a vulnerable system could mount a specially crafted virtual hard drive (VHD) to exploit the system. This scenario results in a lower CVSS score which is why the primary attack vector is listed as Physical in our documentation.</p> Windows Resilient File System (ReFS) Microsoft Yes CVE-2022-21963 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 6.4 5.6 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Tobias Groß with <a href="https://www.cs1.tf.fau.de">Friedrich-Alexander University (FAU) Erlangen-Nürnberg, Germany</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker that successfully exploited this vulnerability could recover cleartext passwords from memory.</p> Windows Remote Desktop Microsoft Yes CVE-2022-21964 10852 10853 Information Disclosure 10852 Information Disclosure 10853 Important 10852 Important 10853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 1.0 2022-01-11T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0096 Use after free in Storage <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0096 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0097 Inappropriate implementation in DevTools <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0097 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0098 Use after free in Screen Capture <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0098 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0099 Use after free in Sign-in <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0099 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0100 Heap buffer overflow in Media streams API <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0100 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0101 Heap buffer overflow in Bookmarks <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0101 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0102 Type Confusion in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0102 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0103 Use after free in SwiftShader <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0103 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0104 Heap buffer overflow in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0104 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0105 Use after free in PDF <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0105 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0106 Use after free in Autofill <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0106 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0107 Use after free in File Manager API <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0107 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0108 Inappropriate implementation in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0108 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0109 Inappropriate implementation in Autofill <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0109 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0110 Incorrect security UI in Autofill <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0110 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0111 Inappropriate implementation in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0111 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0112 Incorrect security UI in Browser UI <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0112 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0113 Inappropriate implementation in Blink <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0113 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0114 Out of bounds memory access in Web Serial <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0114 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0115 Uninitialized Use in File API <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0115 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0116 Inappropriate implementation in Compositing <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0116 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0117 Policy bypass in Service Workers <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0117 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0118 Inappropriate implementation in WebShare <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0118 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0120 Inappropriate implementation in Passwords <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0120 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-06T08:00:00 <p>Information published.</p> Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2022-21970 11655 Elevation of Privilege 11655 Important 11655 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes <a href="https://www.daviderceg.com/">David Erceg</a> 1.0 2022-01-06T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0311 Heap buffer overflow in Task Manager <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0311 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0289 Use after free in Safe browsing <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2022">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0289 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0290 Use after free in Site isolation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0290 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0291 Inappropriate implementation in Storage <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0291 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0292 Inappropriate implementation in Fenced Frames <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0292 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0293 Use after free in Web packaging <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0293 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0294 Inappropriate implementation in Push messaging <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0294 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0295 Use after free in Omnibox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0295 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0296 Use after free in Printing <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0296 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0297 Use after free in Vulkan <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0297 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0298 Use after free in Scheduling <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0298 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0300 Use after free in Text Input Method Editor <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0300 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0301 Heap buffer overflow in DevTools <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0301 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0302 Use after free in Omnibox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0302 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0303 Race in GPU Watchdog <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0303 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0304 Use after free in Bookmarks <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0304 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0305 Inappropriate implementation in Service Worker API <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0305 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0306 Heap buffer overflow in PDFium <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0306 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0307 Use after free in Optimization Guide <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0307 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0308 Use after free in Data Transfer <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0308 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0309 Inappropriate implementation in Autofill <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0309 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Chromium: CVE-2022-0310 Heap buffer overflow in Task Manager <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2021">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2022-0310 11655 11655 11655 Release Notes 11655 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2022-01-20T08:00:00 <p>Information published.</p> Windows Hyper-V Denial of Service Vulnerability Role: Windows Hyper-V Microsoft Yes CVE-2022-21847 11569 11571 11572 11713 11896 11923 11924 11803 11926 11931 Denial of Service 11569 Denial of Service 11571 Denial of Service 11572 Denial of Service 11713 Denial of Service 11896 Denial of Service 11923 Denial of Service 11924 Denial of Service 11803 Denial of Service 11926 Denial of Service 11931 Important 11569 Important 11571 Important 11572 Important 11713 Important 11896 Important 11923 Important 11924 Important 11803 Important 11926 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11569 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11713 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11896 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11803 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11926 6.5 5.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11569 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11569 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11569 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11713 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11713 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11803 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 5009566 5009566 https://support.microsoft.com/help/5009566 11926 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11931 5009543 Wei in Kunlun Lab 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Windows IKE Extension Microsoft Yes CVE-2022-21848 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Denial of Service 11568 Denial of Service 11569 Denial of Service 11570 Denial of Service 11571 Denial of Service 11572 Denial of Service 11712 Denial of Service 11713 Denial of Service 11714 Denial of Service 11896 Denial of Service 11897 Denial of Service 11898 Denial of Service 11923 Denial of Service 11924 Denial of Service 11801 Denial of Service 11802 Denial of Service 11803 Denial of Service 11926 Denial of Service 11927 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Denial of Service 10729 Denial of Service 10735 Denial of Service 10852 Denial of Service 10853 Denial of Service 10816 Denial of Service 10855 Denial of Service 10047 Denial of Service 10048 Denial of Service 10481 Denial of Service 10482 Denial of Service 10484 Denial of Service 9312 Denial of Service 10287 Denial of Service 9318 Denial of Service 9344 Denial of Service 10051 Denial of Service 10049 Denial of Service 10378 Denial of Service 10379 Denial of Service 10483 Denial of Service 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11712 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11713 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11714 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11896 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11897 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11898 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11801 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11802 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11803 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11926 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11927 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10729 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10735 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10484 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 9312 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10287 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 9318 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 9344 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10049 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <p>Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:</p> <p>Only systems with the IKE and AuthIP IPsec Keying Modules running are vulnerable to this attack.</p> <p>You can run either of the following commands to check the running status of this service:</p> <p>PS: <code>C:\&amp;gt; Get-Service Ikeext</code></p> <ul> <li>OR</li> </ul> <p>Cmd: <code>C:\&amp;gt; sc query ikeext</code></p> <p>This mitigation could have negative affects on your IPSec functionality. Microsoft strongly recommends updating your system with the latest Windows security updates.</p> The UK’s National Cyber Security Centre (NCSC) <a href=https://www.youtube.com/watch?v=0AhPC_dHkHo>Polar Bear</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Remote Desktop Client Remote Code Execution Vulnerability <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.</p> Windows RDP Microsoft Yes CVE-2022-21850 11568 11569 11570 11571 11572 11712 11713 11714 11849 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11849 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10047 Remote Code Execution 10048 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 9312 Remote Code Execution 10287 Remote Code Execution 9318 Remote Code Execution 9344 Remote Code Execution 10051 Remote Code Execution 10049 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11849 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11849 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 Release Notes https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/windowsdesktop-whatsnew#updates-for-version-122691 11849 Maybe Security Update 1.2.2691.0 https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/windowsdesktop-whatsnew 11849 Release Notes 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Remote Desktop Client Remote Code Execution Vulnerability <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An authenticated user could be tricked into connecting to a malicious remote desktop server where the remote desktop host server sends a specially crafted PDU (Server RDP Preconnection) that targets the remote client's drive redirection virtual channel. The end result could lead to remote code execution on the victim's machine.</p> Windows RDP Microsoft Yes CVE-2022-21851 11568 11569 11570 11571 11572 11712 11713 11714 11849 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11849 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10047 Remote Code Execution 10048 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 9312 Remote Code Execution 10287 Remote Code Execution 9318 Remote Code Execution 9344 Remote Code Execution 10051 Remote Code Execution 10049 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11849 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11849 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 Release Notes https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/windowsdesktop-whatsnew#updates-for-version-122691 11849 Maybe Security Update 1.2.2691.0 https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/windowsdesktop-whatsnew 11849 Release Notes 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>In an environment where Internet Key Exchange (IKE) version 2 is enabled, a remote attacker could trigger multiple vulnerabilities without being authenticated.</p> Windows IKE Extension Microsoft Yes CVE-2022-21849 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 <p>Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:</p> <p>Only systems with the IKE and AuthIP IPsec Keying Modules running are vulnerable to this attack.</p> <p>You can run either of the following commands to check the running status of this service:</p> <p>PS: <code>C:\&amp;gt; Get-Service Ikeext</code></p> <ul> <li>OR</li> </ul> <p>Cmd: <code>C:\&amp;gt; sc query ikeext</code></p> <p>This mitigation could have negative affects on your IPSec functionality. Microsoft strongly recommends updating your system with the latest Windows security updates.</p> <a href="https://www.youtube.com/watch?v=0AhPC_dHkHo">Polar Bear</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Exchange Server Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?</strong></p> <p>This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include the same shared physical network (such as Bluetooth or IEEE 802.11), logical network (local IP subnet), or from within a secure or otherwise limited administrative domain (MPLS, secure VPN to an administrative network zone). This is common to many attacks that require machine-in-the-middle (MITM) type setups or that rely on initially gaining a foothold in another environment.</p> Microsoft Exchange Server Microsoft Yes CVE-2022-21846 11956 11957 11682 11906 11908 Remote Code Execution 11956 Remote Code Execution 11957 Remote Code Execution 11682 Remote Code Execution 11906 Remote Code Execution 11908 Critical 11956 Critical 11957 Critical 11682 Critical 11906 Critical 11908 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11956 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11957 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11682 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11906 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11908 5008631 http://www.microsoft.com/download/details.aspx?familyid=ec50d425-44a9-4f15-bda0-bc1d62f36310 5007409 11956 Yes Security Update 15.01.2375.018 https://support.microsoft.com/help/5008631 11956 5008631 5008631 https://support.microsoft.com/help/5008631 11956 11957 11682 11906 11908 5008631 http://www.microsoft.com/download/details.aspx?familyid=02f280f1-e574-4ef6-a265-8d33f6e5823b 5007409 11957 Yes Security Update 15.02.0986.015 https://support.microsoft.com/help/5008631 11957 5008631 5008631 http://www.microsoft.com/download/details.aspx?familyid=9bcec622-bd02-4557-ad77-4c560abb3da3 5007409 11682 Yes Security Update 15.00.1497.028 https://support.microsoft.com/help/5008631 11682 5008631 5008631 http://www.microsoft.com/download/details.aspx?familyid=be6d511a-2523-4817-b5cd-11d1316ac398 5007409 11906 Yes Security Update 15.01.2308.021 https://support.microsoft.com/help/5008631 11906 5008631 5008631 http://www.microsoft.com/download/details.aspx?familyid=c03bef2b-342f-40ef-a35b-e3f56bc909ad 5007409 11908 Yes Security Update 15.02.0922.020 https://support.microsoft.com/help/5008631 11908 5008631 National Security Agency 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Exchange Server Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?</strong></p> <p>This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include the same shared physical network (such as Bluetooth or IEEE 802.11), logical network (local IP subnet), or from within a secure or otherwise limited administrative domain (MPLS, secure VPN to an administrative network zone). This is common to many attacks that require machine-in-the-middle (MITM) type setups or that rely on initially gaining a foothold in another environment.</p> Microsoft Exchange Server Microsoft Yes CVE-2022-21855 11682 11906 11908 11956 11957 Remote Code Execution 11682 Remote Code Execution 11906 Remote Code Execution 11908 Remote Code Execution 11956 Remote Code Execution 11957 Important 11682 Important 11906 Important 11908 Important 11956 Important 11957 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11682 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11906 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11908 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11956 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11957 5008631 http://www.microsoft.com/download/details.aspx?familyid=9bcec622-bd02-4557-ad77-4c560abb3da3 5007409 11682 Yes Security Update 15.00.1497.028 https://support.microsoft.com/help/5008631 11682 5008631 5008631 https://support.microsoft.com/help/5008631 11682 11906 11908 11956 11957 5008631 http://www.microsoft.com/download/details.aspx?familyid=be6d511a-2523-4817-b5cd-11d1316ac398 5007409 11906 Yes Security Update 15.01.2308.021 https://support.microsoft.com/help/5008631 11906 5008631 5008631 http://www.microsoft.com/download/details.aspx?familyid=c03bef2b-342f-40ef-a35b-e3f56bc909ad 5007409 11908 Yes Security Update 15.02.0922.020 https://support.microsoft.com/help/5008631 11908 5008631 5008631 http://www.microsoft.com/download/details.aspx?familyid=ec50d425-44a9-4f15-bda0-bc1d62f36310 5007409 11956 Yes Security Update 15.01.2375.018 https://support.microsoft.com/help/5008631 11956 5008631 5008631 http://www.microsoft.com/download/details.aspx?familyid=02f280f1-e574-4ef6-a265-8d33f6e5823b 5007409 11957 Yes Security Update 15.02.0986.015 https://support.microsoft.com/help/5008631 11957 5008631 <a href="https://twitter.com/arudd1ck">Andrew Ruddick</a>, Microsoft Security Response Center 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft SharePoint Server Remote Code Execution Vulnerability <p><strong>How could an attacker exploit the vulnerability?</strong></p> <p>An authenticated attacker with access to the domain could perform remote code execution on the SharePoint server to elevate themselves to SharePoint admin.</p> Microsoft Office SharePoint Microsoft Yes CVE-2022-21837 10950 11585 11961 10612 Remote Code Execution 10950 Remote Code Execution 11585 Remote Code Execution 11961 Remote Code Execution 10612 Important 10950 Important 11585 Important 11961 Important 10612 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 8.3 7.2 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C 10950 8.3 7.2 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C 11585 8.3 7.2 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C 11961 8.3 7.2 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C 10612 5002113 https://www.microsoft.com/download/details.aspx?familyid=d6f3bfae-cb60-47b6-8c1a-d60c96c3f24a 5002055 10950 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/help/5002113 10950 5002113 5002113 https://support.microsoft.com/help/5002113 10950 5002109 https://www.microsoft.com/download/details.aspx?familyid=b5de2562-9f1d-476e-927c-4b440ba163b3 5002054 11585 Maybe Security Update 16.0.10382.20004 https://support.microsoft.com/help/5002109 11585 5002109 5002109 https://support.microsoft.com/help/5002109 11585 5002111 https://www.microsoft.com/download/details.aspx?familyid=91a76e44-a6bc-48a2-8a3e-ae22d6260806 11961 Maybe Security Update 16.0.14326.20714 https://support.microsoft.com/help/5002111 11961 5002111 5002111 https://support.microsoft.com/help/5002111 11961 5002127 https://www.microsoft.com/download/details.aspx?familyid=a7de2a7b-35b0-42d3-9a12-09cbd1f6e79b 5002071 10612 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002127 10612 5002127 5002127 https://support.microsoft.com/help/5002127 10612 <a href="https://twitter.com/edwardzpeng">Zhiniang Peng</a> with <a href="https://www.sangfor.com/">Sangfor</a> <a href="https://twitter.com/cjm00nw">Yuhao Weng</a> with <a href="https://www.sangfor.com/">Sangfor</a> 1.1 2022-01-12T08:00:00 <p>Added an acknowledgement. This is an informational change only.</p> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability Microsoft Dynamics Microsoft Yes CVE-2022-21932 11954 Spoofing 11954 Important 11954 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.6 6.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C 11954 5010574 https://www.microsoft.com/en-us/download/details.aspx?id=103858 11954 Maybe Security Update 9.0.34.12 https://support.microsoft.com/help/5010574 11954 5010574 <a href="http://vnprogramming.com"> Pham Van Khanh </a> @rskvp93 from Viettel Cyber Security 1.0 2022-01-11T08:00:00 <p>Information published.</p> 1.1 2022-01-11T08:00:00 <p>The following revisions have been made: 1) In the Security Updates table, removed Microsoft Dynamics 365 Customer Engagement V9.1 as it is not affected by this vulnerability. 2) Added the update information for Microsoft Dynamics 365 Customer Engagement V9.0.</p> Microsoft Word Remote Code Execution Vulnerability <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?</strong></p> <p>Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.</p> Microsoft Office Word Microsoft Yes CVE-2022-21842 10950 10746 10747 Remote Code Execution 10950 Remote Code Execution 10746 Remote Code Execution 10747 Important 10950 Important 10746 Important 10747 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10950 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10746 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10747 5002113 https://www.microsoft.com/download/details.aspx?familyid=d6f3bfae-cb60-47b6-8c1a-d60c96c3f24a 5002055 10950 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/help/5002113 10950 5002113 5002113 https://support.microsoft.com/help/5002113 10950 5002118 https://www.microsoft.com/download/details.aspx?familyid=6fd40952-397c-4963-b1fa-f27b3359880c 5002059 10950 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/kb/5002118 10950 5002118 5002057 https://www.microsoft.com/download/details.aspx?familyid=408f81dc-0b7f-47f1-8bca-00400fa7e937 5002004 10746 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/kb/5002057 10746 5002057 5002057 https://www.microsoft.com/download/details.aspx?familyid=b9c33350-105d-4648-a07d-9a541c22dbd6 5002004 10747 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/kb/5002057 10747 5002057 <a href="https://twitter.com/rwxcode">ShiLongan</a> with <a href="https://www.nsfocus.com.cn/">NSFOCUS TIANJI LAB</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Excel Remote Code Execution Vulnerability <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>Are the updates for the Microsoft Office for Mac currently available?</strong></p> <p>The security update for Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.</p> Microsoft Office Excel Microsoft Yes CVE-2022-21841 11573 11574 11575 11762 11763 11951 11952 11953 10753 10754 10603 10601 10602 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11575 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 10753 Remote Code Execution 10754 Remote Code Execution 10603 Remote Code Execution 10601 Remote Code Execution 10602 Important 11573 Important 11574 Important 11575 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 10753 Important 10754 Important 10603 Important 10601 Important 10602 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11575 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10753 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10754 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10603 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10601 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10602 Click to Run 11573 11574 11762 11763 11952 11953 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11575 11951 Maybe Security Update 16.57.22011101 https://go.microsoft.com/fwlink/p/?linkid=831049 11575 11951 Release Notes 5002116 https://www.microsoft.com/download/details.aspx?familyid=04028af5-14ac-4a99-8ec2-fb7e6ef18a41 5002033 10753 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/kb/5002116 10753 5002116 5002116 https://www.microsoft.com/download/details.aspx?familyid=7fa4a9a7-9a4c-4e21-8160-0400c6f652f4 5002033 10754 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/kb/5002116 10754 5002116 5002119 5002101 10603 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002119 10603 5002119 5002119 https://www.microsoft.com/download/details.aspx?familyid=824f71ba-4351-4d80-98cc-5e9ef6d9486a 5002101 10601 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002119 10601 5002119 5002119 https://www.microsoft.com/download/details.aspx?familyid=24f84b66-8677-4607-8d0a-5d7829937d03 5002101 10602 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002119 10602 5002119 <a href="https://www.linkedin.com/in/jaanuskaap/">Jaanus K&#228;&#228;p</a> with <a href="https://www.clarifiedsecurity.com/">Clarified Security</a> <a href="https://www.linkedin.com/in/jaanuskaap/">Jaanus K&#228;&#228;p</a> with <a href="https://www.clarifiedsecurity.com/">Clarified Security</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> 2.0 2022-01-13T08:00:00 <p>Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the <a href="https://go.microsoft.com/fwlink/p/?linkid=831049">Release Notes</a> for more information and download links.</p> Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability Windows Event Tracing Microsoft Yes CVE-2022-21839 11568 11569 11570 11571 11572 Denial of Service 11568 Denial of Service 11569 Denial of Service 11570 Denial of Service 11571 Denial of Service 11572 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.1 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C 11568 6.1 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C 11569 6.1 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C 11570 6.1 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C 11571 6.1 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C 11572 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Office Remote Code Execution Vulnerability <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>Exploitation of the vulnerability requires that a user open a specially crafted file.</p> <ul> <li>In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.</li> <li>In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.</li> </ul> <p>An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.</p> <p><strong>Are the updates for the Microsoft Office for Mac currently available?</strong></p> <p>The security update for Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.</p> <p><strong>There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?</strong></p> <p>Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.</p> Microsoft Office Microsoft Yes CVE-2022-21840 10950 11099 11585 11573 11574 11575 11605 11762 11763 11951 11952 11953 11961 11972 10739 10740 10753 10754 10656 10654 10655 10603 10601 10602 10611 10612 Remote Code Execution 10950 Remote Code Execution 11099 Remote Code Execution 11585 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11575 Remote Code Execution 11605 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 11961 Remote Code Execution 11972 Remote Code Execution 10739 Remote Code Execution 10740 Remote Code Execution 10753 Remote Code Execution 10754 Remote Code Execution 10656 Remote Code Execution 10654 Remote Code Execution 10655 Remote Code Execution 10603 Remote Code Execution 10601 Remote Code Execution 10602 Remote Code Execution 10611 Remote Code Execution 10612 Critical 10950 Critical 11099 Critical 11585 Critical 11573 Critical 11574 Critical 11575 Critical 11605 Critical 11762 Critical 11763 Critical 11951 Critical 11952 Critical 11953 Critical 11961 Critical 11972 Critical 10739 Critical 10740 Critical 10753 Critical 10754 Critical 10656 Critical 10654 Critical 10655 Critical 10603 Critical 10601 Critical 10602 Critical 10611 Critical 10612 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10950 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11099 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11585 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11575 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11605 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11961 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11972 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10739 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10740 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10753 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10754 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10656 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10654 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10655 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10603 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10601 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10602 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10611 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10612 5002113 https://www.microsoft.com/download/details.aspx?familyid=d6f3bfae-cb60-47b6-8c1a-d60c96c3f24a 5002055 10950 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/help/5002113 10950 5002113 5002113 https://support.microsoft.com/help/5002113 10950 5002118 https://www.microsoft.com/download/details.aspx?familyid=6fd40952-397c-4963-b1fa-f27b3359880c 5002059 10950 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/kb/5002118 10950 5002118 5001995 https://www.microsoft.com/download/details.aspx?familyid=14ba7146-aff3-4cf9-9031-7fd97dede2dc 4011599 11099 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5001995 11099 5001995 5002102 https://www.microsoft.com/download/details.aspx?familyid=fa024a31-43b2-4c30-9203-922d5e23ae72 5002063 11099 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/kb/5002102 11099 5002102 5002109 https://www.microsoft.com/download/details.aspx?familyid=b5de2562-9f1d-476e-927c-4b440ba163b3 5002054 11585 Maybe Security Update 16.0.10382.20004 https://support.microsoft.com/help/5002109 11585 5002109 5002109 https://support.microsoft.com/help/5002109 11585 5002108 https://www.microsoft.com/download/details.aspx?familyid=35c72540-73dc-43d9-9f84-c23549579750 5002061 11585 Maybe Security Update 16.0.10382.20004 https://support.microsoft.com/kb/5002108 11585 5002108 Click to Run 11573 11574 11762 11763 11952 11953 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11575 11951 Maybe Security Update 16.57.22011101 https://go.microsoft.com/fwlink/p/?linkid=831049 11575 11951 Release Notes 5002107 https://www.microsoft.com/download/details.aspx?familyid=4f58601a-ae8a-438e-92b9-102c03b55ea0 5002097 11605 Maybe Security Update 16.0.10382.20004 https://support.microsoft.com/kb/5002107 11605 5002107 5002111 https://www.microsoft.com/download/details.aspx?familyid=91a76e44-a6bc-48a2-8a3e-ae22d6260806 11961 Maybe Security Update 16.0.14326.20714 https://support.microsoft.com/help/5002111 11961 5002111 5002111 https://support.microsoft.com/help/5002111 11961 5002110 https://www.microsoft.com/download/details.aspx?familyid=1b00aeb1-4151-4b89-83c8-0e5e21d3a9d0 5002047 11972 Maybe Security Update 16.0.14326.20714 https://support.microsoft.com/help/5002110 11972 5002110 5002114 https://www.microsoft.com/download/details.aspx?familyid=84b04630-17b9-48ba-83a9-6fdce0a47806 5002098 10739 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/help/5002114 10739 5002114 5002114 https://www.microsoft.com/download/details.aspx?familyid=044256c0-a165-44bd-a025-0b61e2e81aeb 5002098 10740 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/help/5002114 10740 5002114 5002060 https://www.microsoft.com/download/details.aspx?familyid=59f5a82f-6455-40e5-932a-6d9c1a206f94 5001982 10753 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/help/5002060 10753 5002060 5002115 https://www.microsoft.com/download/details.aspx?familyid=6f16e541-91c2-4201-91b5-1367d94a744a 5002099 10753 Maybe Security Update 16.0.5266.1001 https://support.microsoft.com/help/5002115 10753 5002115 5002052 https://www.microsoft.com/download/details.aspx?familyid=3d50e2d8-52c3-482d-a1c8-ffcd3a3762a2 10753 Security Update 16.0.5266.1000 https://support.microsoft.com/help/5002052 10753 5002052 5002060 https://www.microsoft.com/download/details.aspx?familyid=fa509eb3-67de-42d0-857b-9df9e31c416e 5001982 10754 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/help/5002060 10754 5002060 5002115 https://www.microsoft.com/download/details.aspx?familyid=8d9e5de9-ca18-4221-803a-1da0d6041dc0 5002099 10754 Maybe Security Update 16.0.5266.1001 https://support.microsoft.com/help/5002115 10754 5002115 5002052 https://www.microsoft.com/download/details.aspx?familyid=b84f8cf5-c4a8-4fc9-813d-53d13a0118d2 10754 Maybe Security Update 16.0.5266.1000 https://support.microsoft.com/help/5002052 10754 5002052 5002128 10656 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002128 10656 5002128 5002128 https://www.microsoft.com/download/details.aspx?familyid=714b9680-6137-4f1d-8126-59d7120f43bf 5002105 10654 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002128 10654 5002128 5002128 https://www.microsoft.com/download/details.aspx?familyid=c86b0f3c-6629-4a00-b508-adf801b70d14 5002105 10655 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002128 10655 5002128 5002064 5001985 10603 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002064 10603 5002064 5002124 5002104 10603 Maybe Security Update 15.0.5415.1001 https://support.microsoft.com/help/5002124 10603 5002124 4462205 10603 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/4462205 10603 4462205 5002064 https://www.microsoft.com/download/details.aspx?familyid=95bccebd-5883-4322-802f-430f16c19835 5001985 10601 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002064 10601 5002064 5002124 https://www.microsoft.com/download/details.aspx?familyid=6f127106-6fe4-48c0-a3e4-714e4863d809 5002104 10601 Maybe Security Update 15.0.5415.1001 https://support.microsoft.com/help/5002124 10601 5002124 4462205 https://www.microsoft.com/download/details.aspx?familyid=8f3a5c52-5e71-4e60-bbfd-033522778826 10601 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/4462205 10601 4462205 5002064 https://www.microsoft.com/download/details.aspx?familyid=b398186e-2d68-406d-a8b5-cf44c767b0b2 5001985 10602 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002064 10602 5002064 5002124 https://www.microsoft.com/download/details.aspx?familyid=cf25ca73-72a2-459d-861e-2abfaa2a837c 5002104 10602 Maybe Security Update 15.0.5415.1001 https://support.microsoft.com/help/5002124 10602 5002124 4462205 https://www.microsoft.com/download/details.aspx?familyid=ea45ca77-0bad-48d0-8a78-e15b2f75166d 10602 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/4462205 10602 4462205 5002122 https://www.microsoft.com/download/details.aspx?familyid=910e8808-e9e7-47e9-96ff-8e5007d017ff 5002103 10611 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/kb/5002122 10611 5002122 5002127 https://www.microsoft.com/download/details.aspx?familyid=a7de2a7b-35b0-42d3-9a12-09cbd1f6e79b 5002071 10612 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/help/5002127 10612 5002127 5002127 https://support.microsoft.com/help/5002127 10612 5002129 https://www.microsoft.com/download/details.aspx?familyid=487844af-3171-4b92-b28e-8b94f77abc76 5002015 10612 Maybe Security Update 15.0.5415.1000 https://support.microsoft.com/kb/5002129 10612 5002129 Anonymous Finder 1.0 2022-01-11T08:00:00 <p>Information published.</p> 2.0 2022-01-13T08:00:00 <p>Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the <a href="https://go.microsoft.com/fwlink/p/?linkid=831049">Release Notes</a> for more information and download links.</p> Windows Cleanup Manager Elevation of Privilege Vulnerability <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents.</p> Windows Cleanup Manager Microsoft Yes CVE-2022-21838 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11570 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11712 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11713 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11714 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11896 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11897 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11898 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11801 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11802 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11803 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11926 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11927 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10729 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10735 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10047 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10048 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10481 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10482 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10484 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10051 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10049 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Abdelhamid Naceri working with <a href="https://www.zerodayinitiative.com/">Trend Micro Zero Day Initiative</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Cryptographic Services Elevation of Privilege Vulnerability Windows Cryptographic Services Microsoft Yes CVE-2022-21835 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <a href="https://twitter.com/lxf02942370">Xuefeng Li</a> and <a href="https://twitter.com/edwardzpeng">Zhiniang Peng</a> with <a href="https://www.sangfor.com/">Sangfor</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability Windows User-mode Driver Framework Microsoft Yes CVE-2022-21834 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 1.0 2022-01-11T08:00:00 <p>Information published.</p> Virtual Machine IDE Drive Elevation of Privilege Vulnerability Windows Virtual Machine IDE Drive Microsoft Yes CVE-2022-21833 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Critical 11568 Critical 11569 Critical 11570 Critical 11571 Critical 11572 Critical 11712 Critical 11713 Critical 11714 Critical 11896 Critical 11897 Critical 11898 Critical 11923 Critical 11924 Critical 11801 Critical 11802 Critical 11803 Critical 11926 Critical 11927 Critical 11929 Critical 11930 Critical 11931 Critical 10729 Critical 10735 Critical 10852 Critical 10853 Critical 10816 Critical 10855 Critical 10047 Critical 10048 Critical 10481 Critical 10482 Critical 10484 Critical 9312 Critical 10287 Critical 9318 Critical 9344 Critical 10051 Critical 10049 Critical 10378 Critical 10379 Critical 10483 Critical 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 11929 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 11929 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Microsoft Offensive Research & Security Engineering 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Windows IKE Extension Microsoft Yes CVE-2022-21890 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 10051 10049 10378 10379 10483 10543 Denial of Service 11568 Denial of Service 11569 Denial of Service 11570 Denial of Service 11571 Denial of Service 11572 Denial of Service 11712 Denial of Service 11713 Denial of Service 11714 Denial of Service 11896 Denial of Service 11897 Denial of Service 11898 Denial of Service 11923 Denial of Service 11924 Denial of Service 11801 Denial of Service 11802 Denial of Service 11803 Denial of Service 11926 Denial of Service 11927 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Denial of Service 10729 Denial of Service 10735 Denial of Service 10852 Denial of Service 10853 Denial of Service 10816 Denial of Service 10855 Denial of Service 10047 Denial of Service 10048 Denial of Service 10481 Denial of Service 10482 Denial of Service 10484 Denial of Service 10051 Denial of Service 10049 Denial of Service 10378 Denial of Service 10379 Denial of Service 10483 Denial of Service 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11568 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11569 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11570 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11571 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11572 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11712 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11713 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11714 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11896 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11897 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11898 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11923 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11924 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11801 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11802 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11803 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11926 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11927 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11929 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11930 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11931 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10729 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10735 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10852 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10853 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10816 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10855 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10047 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10048 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10481 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10482 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10484 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10051 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10049 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10378 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10379 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10483 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <p>Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:</p> <p>Only systems with the IKE and AuthIP IPsec Keying Modules running are vulnerable to this attack.</p> <p>You can run either of the following commands to check the running status of this service:</p> <p>PS: <code>C:\&amp;gt; Get-Service Ikeext</code></p> <ul> <li>OR</li> </ul> <p>Cmd: <code>C:\&amp;gt; sc query ikeext</code></p> <p>This mitigation could have negative affects on your IPSec functionality. Microsoft strongly recommends updating your system with the latest Windows security updates.</p> <a href="https://www.youtube.com/watch?v=0AhPC_dHkHo">Polar Bear</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Windows IKE Extension Microsoft Yes CVE-2022-21889 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 10051 10049 10378 10379 10483 10543 Denial of Service 11568 Denial of Service 11569 Denial of Service 11570 Denial of Service 11571 Denial of Service 11572 Denial of Service 11712 Denial of Service 11713 Denial of Service 11714 Denial of Service 11896 Denial of Service 11897 Denial of Service 11898 Denial of Service 11923 Denial of Service 11924 Denial of Service 11801 Denial of Service 11802 Denial of Service 11803 Denial of Service 11926 Denial of Service 11927 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Denial of Service 10729 Denial of Service 10735 Denial of Service 10852 Denial of Service 10853 Denial of Service 10816 Denial of Service 10855 Denial of Service 10047 Denial of Service 10048 Denial of Service 10481 Denial of Service 10482 Denial of Service 10484 Denial of Service 10051 Denial of Service 10049 Denial of Service 10378 Denial of Service 10379 Denial of Service 10483 Denial of Service 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11712 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11713 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11714 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11896 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11897 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11898 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11801 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11802 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11803 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11926 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11927 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10729 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10735 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10484 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10049 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <p>Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:</p> <p>Only systems with the IKE and AuthIP IPsec Keying Modules running are vulnerable to this attack.</p> <p>You can run either of the following commands to check the running status of this service:</p> <p>PS: <code>C:\&amp;gt; Get-Service Ikeext</code></p> <ul> <li>OR</li> </ul> <p>Cmd: <code>C:\&amp;gt; sc query ikeext</code></p> <p>This mitigation could have negative affects on your IPSec functionality. Microsoft strongly recommends updating your system with the latest Windows security updates.</p> <a href="https://www.youtube.com/watch?v=0AhPC_dHkHo">Polar Bear</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Modern Execution Server Remote Code Execution Vulnerability Windows Modern Execution Server Microsoft Yes CVE-2022-21888 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 <a href="https://twitter.com/edwardzpeng">Zhiniang Peng (@edwardzpeng) &amp; Zesen Ye (@wh1tc)</a> with <a href="https://www.sangfor.com/en">Sangfor</a> <a href="https://twitter.com/jq0904">Jinquan(@jq0904)</a> with <a href="https://www.dbappsecurity.com.cn/product/cloud250.html">DBAPPSecurity Lieying Lab</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Win32k Elevation of Privilege Vulnerability <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver.</p> Windows Win32K Microsoft Yes CVE-2022-21887 11926 11927 Elevation of Privilege 11926 Elevation of Privilege 11927 Important 11926 Important 11927 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 k0shl with Kunlun Lab 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Microsoft Yes CVE-2022-21885 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 StackLeader in Tianfu Cup 1.0 2022-01-11T08:00:00 <p>Information published.</p> Local Security Authority Subsystem Service Elevation of Privilege Vulnerability Windows Local Security Authority Subsystem Service (LSASS) Microsoft Yes CVE-2022-21884 11571 11572 11923 11924 11803 10816 10855 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11803 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11571 Important 11572 Important 11923 Important 11924 Important 11803 Important 10816 Important 10855 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11571 11572 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11803 5009543 5009543 https://support.microsoft.com/help/5009543 11803 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10816 10855 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10051 10049 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10483 10543 <a href="https://twitter.com/australeo">Leo Adrien (@australeo)</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability Windows IKE Extension Microsoft Yes CVE-2022-21883 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 10051 10049 10378 10379 10483 10543 Denial of Service 11568 Denial of Service 11569 Denial of Service 11570 Denial of Service 11571 Denial of Service 11572 Denial of Service 11712 Denial of Service 11713 Denial of Service 11714 Denial of Service 11896 Denial of Service 11897 Denial of Service 11898 Denial of Service 11923 Denial of Service 11924 Denial of Service 11801 Denial of Service 11802 Denial of Service 11803 Denial of Service 11926 Denial of Service 11927 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Denial of Service 10729 Denial of Service 10735 Denial of Service 10852 Denial of Service 10853 Denial of Service 10816 Denial of Service 10855 Denial of Service 10047 Denial of Service 10048 Denial of Service 10481 Denial of Service 10482 Denial of Service 10484 Denial of Service 10051 Denial of Service 10049 Denial of Service 10378 Denial of Service 10379 Denial of Service 10483 Denial of Service 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11712 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11713 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11714 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11896 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11897 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11898 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11801 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11802 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11803 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11926 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11927 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10729 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10735 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10484 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10049 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <p>Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:</p> <p>Only systems with the IKE and AuthIP IPsec Keying Modules running are vulnerable to this attack.</p> <p>You can run either of the following commands to check the running status of this service:</p> <p>PS: <code>C:\&amp;gt; Get-Service Ikeext</code></p> <ul> <li>OR</li> </ul> <p>Cmd: <code>C:\&amp;gt; sc query ikeext</code></p> <p>This mitigation could have negative affects on your IPSec functionality. Microsoft strongly recommends updating your system with the latest Windows security updates.</p> <a href="https://www.youtube.com/watch?v=0AhPC_dHkHo">Polar Bear</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Win32k Elevation of Privilege Vulnerability <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver.</p> Windows Win32K Microsoft Yes CVE-2022-21882 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 <a href="https://twitter.com/b2ahex">RyeLv (@b2ahex)</a> Big CJTeam of Tianfu Cup 1.0 2022-01-11T08:00:00 <p>Information published.</p> 1.1 2022-01-13T08:00:00 <p>Corrected Active Attack entry to Yes. When this information was originally released, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability.</p> Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Microsoft Yes CVE-2022-21881 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 HuanGMz@<a href="https://www.knownsec.com/">KnownSec 404 Team</a> Kunlun lab (https://www.cyberkl.com) via TianfuCup (https://www.tianfucup.com) <a href="https://www.zhihu.com/people/li-song-lin-44">sunglin</a>@<a href="https://www.knownsec.com/">KnownSec 404 Team</a> <a href="https://twitter.com/dawuj4f">Tongqing Zhu</a>@<a href="https://www.knownsec.com/">KnownSec 404 Team</a> <a href="https://nobb.site">Hcamael</a>@<a href="https://www.knownsec.com/">KnownSec 404 Team</a> Zhiniang Peng <a href="https://twitter.com/edwardzpeng">@edwardzpeng</a> & Byzero with <a href="https://www.sangfor.com/en">Sangfor</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows GDI+ Information Disclosure Vulnerability <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is a pointer leak to the process user-mode address space in the internal memory of the application that is using GDI+.</p> Microsoft Graphics Component Microsoft Yes CVE-2022-21880 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11570 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11712 Information Disclosure 11713 Information Disclosure 11714 Information Disclosure 11896 Information Disclosure 11897 Information Disclosure 11898 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11801 Information Disclosure 11802 Information Disclosure 11803 Information Disclosure 11926 Information Disclosure 11927 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 10729 Information Disclosure 10735 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10047 Information Disclosure 10048 Information Disclosure 10481 Information Disclosure 10482 Information Disclosure 10484 Information Disclosure 9312 Information Disclosure 10287 Information Disclosure 9318 Information Disclosure 9344 Information Disclosure 10051 Information Disclosure 10049 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11712 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11713 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11714 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11896 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11897 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11898 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11801 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11802 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11803 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11926 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11927 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10729 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10735 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10047 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10048 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10481 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10482 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10484 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 9312 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10287 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 9318 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 9344 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10051 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10049 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 yyjb with http://blog.noah.360.net/ 1.0 2022-01-11T08:00:00 <p>Information published.</p> 1.1 2022-01-14T08:00:00 <p>Updated FAQ information. This is an informational change only.</p> Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Microsoft Yes CVE-2022-21879 11568 11569 11570 11571 11572 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10852 10853 10816 10855 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11570 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11896 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11897 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11898 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11801 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11802 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11803 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 JIWO Technology Co., Ltd 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Geolocation Service Remote Code Execution Vulnerability Windows Geolocation Service Microsoft Yes CVE-2022-21878 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 10729 10735 10852 10853 10816 10855 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 <a href="https://twitter.com/edwardzpeng">Zhiniang Peng (@edwardzpeng) Zesen Ye (@wh1tc)</a> with <a href="https://www.sangfor.com/en">Sangfor</a> <a href="https://twitter.com/jq0904">Jinquan(@jq0904)</a> with <a href="https://www.dbappsecurity.com.cn/product/cloud250.html">DBAPPSecurity Lieying Lab</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability Microsoft Dynamics Microsoft Yes CVE-2022-21891 11958 Spoofing 11958 Important 11958 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.6 6.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C 11958 Pontus Persson with <a href="https://omegapoint.se/">Omegapoint</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Microsoft Yes CVE-2022-21896 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 <a href="https://twitter.com/hillstone_lab">He YiSheng, Zhang WangJunJie, and Li WenYue</a> with <a href="https://www.hillstonenet.com.cn/">Hillstone Network Security Research Institute</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Microsoft Yes CVE-2022-21897 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11570 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11712 Elevation of Privilege 11713 Elevation of Privilege 11714 Elevation of Privilege 11896 Elevation of Privilege 11897 Elevation of Privilege 11898 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11801 Elevation of Privilege 11802 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11927 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 10729 Elevation of Privilege 10735 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10047 Elevation of Privilege 10048 Elevation of Privilege 10481 Elevation of Privilege 10482 Elevation of Privilege 10484 Elevation of Privilege 9312 Elevation of Privilege 10287 Elevation of Privilege 9318 Elevation of Privilege 9344 Elevation of Privilege 10051 Elevation of Privilege 10049 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9312 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10287 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9318 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 9344 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <a href="https://twitter.com/thunderj17">Thunder J</a> and <a href="https://twitter.com/secboxer">Boxer</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> DirectX Graphics Kernel Remote Code Execution Vulnerability Windows DirectX Microsoft Yes CVE-2022-21898 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11929 11930 11931 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Critical 11568 Critical 11569 Critical 11570 Critical 11571 Critical 11572 Critical 11712 Critical 11713 Critical 11714 Critical 11896 Critical 11897 Critical 11898 Critical 11923 Critical 11924 Critical 11801 Critical 11802 Critical 11803 Critical 11929 Critical 11930 Critical 11931 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 HongZhenhao of Ant Group Light-Year Security Lab 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Extensible Firmware Interface Security Feature Bypass Vulnerability Windows UEFI Microsoft Yes CVE-2022-21899 10729 10735 10047 10048 10481 10482 10484 10051 10049 10378 10379 10483 10543 Security Feature Bypass 10729 Security Feature Bypass 10735 Security Feature Bypass 10047 Security Feature Bypass 10048 Security Feature Bypass 10481 Security Feature Bypass 10482 Security Feature Bypass 10484 Security Feature Bypass 10051 Security Feature Bypass 10049 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Important 10729 Important 10735 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10729 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10735 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10047 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10048 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10481 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10482 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10484 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10051 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10049 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Abdelhamid Naceri working with <a href="https://www.zerodayinitiative.com/">Trend Micro Zero Day Initiative</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Resilient File System (ReFS) Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability?</strong></p> <p>An attacker with physical access to a vulnerable system could insert a specially crafted USB device.</p> <p><strong>Are there additional attack vectors?</strong></p> <p>This vulnerability could also be exploited through a local attack vector. An attacker authenticated as an administrator on a vulnerable system could mount a specially crafted virtual hard drive (VHD) to exploit the system. This scenario results in a lower CVSS score which is why the primary attack vector is listed as Physical in our documentation.</p> Windows Resilient File System (ReFS) Microsoft Yes CVE-2022-21892 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11568 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11569 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11570 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11571 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11572 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11712 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11713 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11714 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11896 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11897 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11898 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11923 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11924 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11801 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11802 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11803 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11926 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11927 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11929 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11930 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11931 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10729 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10735 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10852 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10853 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10816 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10855 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10481 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10482 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10484 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10378 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10379 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10483 6.8 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Tobias Groß with <a href="https://www.cs1.tf.fau.de">Friedrich-Alexander University (FAU) Erlangen-Nürnberg, Germany</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> Remote Desktop Protocol Remote Code Execution Vulnerability <p><strong>How would an attacker exploit this vulnerability?</strong></p> <p>An attacker would have to convince a targeted user to connect to a malicious RDP server. Upon connecting, the malicious server could read or tamper with clipboard contents and the victim's filesystem contents.</p> Windows RDP Microsoft Yes CVE-2022-21893 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 10051 10049 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11570 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11712 Remote Code Execution 11713 Remote Code Execution 11714 Remote Code Execution 11896 Remote Code Execution 11897 Remote Code Execution 11898 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11801 Remote Code Execution 11802 Remote Code Execution 11803 Remote Code Execution 11926 Remote Code Execution 11927 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 10729 Remote Code Execution 10735 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10047 Remote Code Execution 10048 Remote Code Execution 10481 Remote Code Execution 10482 Remote Code Execution 10484 Remote Code Execution 10051 Remote Code Execution 10049 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11570 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11712 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11714 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11897 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11898 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11801 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11802 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11927 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10729 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10047 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10048 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10481 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10484 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10051 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10049 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.0 7.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 <a href="https://github.com/gabriel-sztejnworcel">Gabriel Sztejnworcel</a> <a href="https://labs.cyberark.com">with CyberArk</a> 1.0 2022-01-11T08:00:00 <p>Information published.</p> 1.1 2022-01-13T08:00:00 <p>Updated one or more CVSS scores for the affected products. This is an informational change only.</p> Secure Boot Security Feature Bypass Vulnerability Windows Secure Boot Microsoft Yes CVE-2022-21894 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10481 10482 10484 10378 10379 10483 10543 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11570 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11712 Security Feature Bypass 11713 Security Feature Bypass 11714 Security Feature Bypass 11896 Security Feature Bypass 11897 Security Feature Bypass 11898 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11801 Security Feature Bypass 11802 Security Feature Bypass 11803 Security Feature Bypass 11926 Security Feature Bypass 11927 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 10729 Security Feature Bypass 10735 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 10481 Security Feature Bypass 10482 Security Feature Bypass 10484 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10481 Important 10482 Important 10484 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11568 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11569 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11570 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11571 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11572 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11712 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11713 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11714 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11896 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11897 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11898 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11923 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11924 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11801 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11802 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11803 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11926 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11927 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11929 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11930 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11931 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10729 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10735 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10852 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10853 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10816 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10855 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10481 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10482 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10484 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10378 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10379 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10483 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Zammis Clark 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability Windows BackupKey Remote Protocol Microsoft Yes CVE-2022-21925 10047 10048 9312 10287 9318 9344 10051 10049 Security Feature Bypass 10047 Security Feature Bypass 10048 Security Feature Bypass 9312 Security Feature Bypass 10287 Security Feature Bypass 9318 Security Feature Bypass 9344 Security Feature Bypass 10051 Security Feature Bypass 10049 Important 10047 Important 10048 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10047 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10048 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 9312 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10287 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 9318 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 9344 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10051 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10049 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 Andrew Bartlett of Catalyst IT 1.0 2022-01-11T08:00:00 <p>Information published.</p> Workstation Service Remote Protocol Security Feature Bypass Vulnerability Windows Workstation Service Remote Protocol Microsoft Yes CVE-2022-21924 11568 11569 11570 11571 11572 11712 11713 11714 11896 11897 11898 11923 11924 11801 11802 11803 11926 11927 11929 11930 11931 10729 10735 10852 10853 10816 10855 10047 10048 10481 10482 10484 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11570 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11712 Security Feature Bypass 11713 Security Feature Bypass 11714 Security Feature Bypass 11896 Security Feature Bypass 11897 Security Feature Bypass 11898 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11801 Security Feature Bypass 11802 Security Feature Bypass 11803 Security Feature Bypass 11926 Security Feature Bypass 11927 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 10729 Security Feature Bypass 10735 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 10047 Security Feature Bypass 10048 Security Feature Bypass 10481 Security Feature Bypass 10482 Security Feature Bypass 10484 Security Feature Bypass 9312 Security Feature Bypass 10287 Security Feature Bypass 9318 Security Feature Bypass 9344 Security Feature Bypass 10051 Security Feature Bypass 10049 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Important 11568 Important 11569 Important 11570 Important 11571 Important 11572 Important 11712 Important 11713 Important 11714 Important 11896 Important 11897 Important 11898 Important 11923 Important 11924 Important 11801 Important 11802 Important 11803 Important 11926 Important 11927 Important 11929 Important 11930 Important 11931 Important 10729 Important 10735 Important 10852 Important 10853 Important 10816 Important 10855 Important 10047 Important 10048 Important 10481 Important 10482 Important 10484 Important 9312 Important 10287 Important 9318 Important 9344 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11568 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11569 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11570 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11571 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11572 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11712 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11713 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11714 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11896 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11897 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11898 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11923 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11924 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11801 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11802 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11803 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11926 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11927 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11929 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11930 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 11931 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10729 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10735 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10852 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10853 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10816 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10855 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10047 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10048 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10481 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10482 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10484 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 9312 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10287 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 9318 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 9344 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10051 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10049 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10378 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10379 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10483 5.3 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11568 11569 11570 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11568 11569 11570 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11712 11713 11714 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11712 11713 11714 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 11897 11898 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 11897 11898 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11897 11898 11801 11802 11803 11929 11930 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11801 11802 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11801 11802 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 11927 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 11927 5009566 5009566 https://support.microsoft.com/help/5009566 11926 11927 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11929 11930 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11929 11930 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10729 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10729 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10852 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10852 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10047 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10047 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10047 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10047 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10481 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10481 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10481 10482 10484 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10481 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10481 10482 10483 10543 5009624 10484 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10484 5009624 5009627 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009627 5008274 9312 10287 9318 9344 Yes Monthly Rollup 6.0.6003.21349 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009627 5009627 https://support.microsoft.com/help/5009627 9312 10287 9318 9344 5009601 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009601 9312 10287 9318 9344 Yes Security Only 6.0.6003.21349 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009601 5009601 https://support.microsoft.com/help/5009601 9312 10287 9318 9344 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Andrew Bartlett of Catalyst IT 1.0 2022-01-11T08:00:00 <p>Information published.</p> Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2022-21954 11655 Elevation of Privilege 11655 Important 11655 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 6.1 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes <a href="https://www.daviderceg.com/">David Erceg</a> 1.0 2022-01-06T08:00:00 <p>Information published.</p> Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2022-21931 11655 Remote Code Execution 11655 Important 11655 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 4.2 3.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes <a href="https://www.daviderceg.com/">David Erceg</a> 1.0 2022-01-06T08:00:00 <p>Information published.</p> Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2022-21929 11655 Remote Code Execution 11655 Moderate 11655 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 2.5 2.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes <a href="https://www.daviderceg.com/">David Erceg</a> 1.0 2022-01-06T08:00:00 <p>Information published.</p> Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.55</td> <td>1/6/2022</td> <td>97.0.4692.71</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2022-21930 11655 Remote Code Execution 11655 Important 11655 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 4.2 3.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C 11655 Release Notes 11655 No Security Update 97.0.1072.55 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes <a href="https://www.daviderceg.com/">David Erceg</a> 1.0 2022-01-06T08:00:00 <p>Information published.</p> Microsoft Exchange Server Remote Code Execution Vulnerability <p><strong>According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?</strong></p> <p>This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include the same shared physical network (such as Bluetooth or IEEE 802.11), logical network (local IP subnet), or from within a secure or otherwise limited administrative domain (MPLS, secure VPN to an administrative network zone). This is common to many attacks that require machine-in-the-middle (MITM) type setups or that rely on initially gaining a foothold in another environment.</p> Microsoft Exchange Server Microsoft Yes CVE-2022-21969 11682 11906 11908 11956 11957 Remote Code Execution 11682 Remote Code Execution 11906 Remote Code Execution 11908 Remote Code Execution 11956 Remote Code Execution 11957 Important 11682 Important 11906 Important 11908 Important 11956 Important 11957 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11682 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11906 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11908 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11956 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11957 5008631 http://www.microsoft.com/download/details.aspx?familyid=9bcec622-bd02-4557-ad77-4c560abb3da3 5007409 11682 Yes Security Update 15.00.1497.028 https://support.microsoft.com/help/5008631 11682 5008631 5008631 https://support.microsoft.com/help/5008631 11682 11906 11908 11956 11957 5008631 http://www.microsoft.com/download/details.aspx?familyid=be6d511a-2523-4817-b5cd-11d1316ac398 5007409 11906 Yes Security Update 15.01.2308.021 https://support.microsoft.com/help/5008631 11906 5008631 5008631 http://www.microsoft.com/download/details.aspx?familyid=c03bef2b-342f-40ef-a35b-e3f56bc909ad 5007409 11908 Yes Security Update 15.02.0922.020 https://support.microsoft.com/help/5008631 11908 5008631 5008631 http://www.microsoft.com/download/details.aspx?familyid=ec50d425-44a9-4f15-bda0-bc1d62f36310 5007409 11956 Yes Security Update 15.01.2375.018 https://support.microsoft.com/help/5008631 11956 5008631 5008631 http://www.microsoft.com/download/details.aspx?familyid=02f280f1-e574-4ef6-a265-8d33f6e5823b 5007409 11957 Yes Security Update 15.02.0986.015 https://support.microsoft.com/help/5008631 11957 5008631 Dr. Florian Hauser with Code White GmbH 1.0 2022-01-11T08:00:00 <p>Information published.</p> WinVerifyTrust Signature Validation Vulnerability <p><strong>Why is Microsoft republishing a CVE from 2013?</strong></p> <p>We are republishing CVE-2013-3900 in the Security Update Guide to update the <strong>Security Updates</strong> table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format is different from the original CVE published in 2013, except for clarifications about how to configure the EnableCertPaddingCheck registry value, the information herein remains unchanged from the original text published on December 10, 2013,</p> <p>Microsoft does not plan to enforce the stricter verification behavior as a default functionality on supported releases of Microsoft Windows. This behavior remains available as an opt-in feature via reg key setting, and is available on supported editions of Windows released since December 10, 2013. This includes all currently supported versions of Windows 10 and Windows 11. The supporting code for this reg key was incorporated at the time of release for Windows 10 and Windows 11, so no security update is required; however, the reg key must be set. See the <strong>Security Updates</strong> table for the list of affected software.</p> <p><strong>Vulnerability Description</strong></p> <p>A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for portable executable (PE) files. An anonymous attacker could exploit the vulnerability by modifying an existing signed executable file to leverage unverified portions of the file in such a way as to add malicious code to the file without invalidating the signature. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>Exploitation of this vulnerability requires that a user or application run or install a specially crafted, signed PE file. An attacker could modify an existing signed file to include malicious code without invalidating the signature. This code would execute in the context of the privilege in which the signed PE file was launched.</p> <p>In an email attack scenario, an attacker could exploit this vulnerability by sending a user an email message containing the specially crafted PE file and convincing the user to open the file.</p> <p>In a web-based attack scenario, an attacker would have to host a website that contains a specially crafted PE file. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could be used to exploit this vulnerability. An attacker would have no way to force users to visit a website that is hosting the specially crafted PE file. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that directs them to the attacker's website.</p> <p><strong>Update History</strong></p> <p>On December 10, 2013, Microsoft released an update for all supported releases of Microsoft Windows that changes how signatures are verified for binaries signed with the Windows Authenticode signature format. This change can be enabled on an opt-in basis. When enabled, the new behavior for Windows Authenticode signature verification will no longer allow extraneous information in the WIN_CERTIFICATE structure, and Windows will no longer recognize non-compliant binaries as signed. On July 29, 2014 Microsoft announced that it no longer plans to enforce the stricter verification behavior as a default functionality on supported releases of Microsoft Windows. To this date, it remains available as an opt-in feature in all currently supported releases of Microsoft Windows.</p> <p><strong>Recommendation</strong>. Microsoft recommends that executables authors consider conforming all signed binaries to the new verification standard by ensuring that they contain no extraneous information in the WIN_CERTIFICATE structure. Microsoft also recommends that customers appropriately test this change to evaluate how it will behave in their environments. Please see the <strong>Suggested Actions</strong> section for more information.</p> <p><strong>What is the result of opting into the stricter verification behavior?</strong></p> <p>Opting into the stricter verification behavior causes the WinVerifyTrust function to perform strict Windows Authenticode signature verification for PE files. After you opt in, PE files will be considered &quot;unsigned&quot; if Windows identifies content in them that does not conform to the Authenticode specification. This may impact some installers. If you are using an installer that is impacted, Microsoft recommends using an installer that only extracts content from validated portions of the signed file.</p> <p><strong>How can I enable the new signature verification behavior?</strong></p> <p>Customers who would like to enable the new Authenticode signature verification behavior can do so by setting a key in the system registry. When the key is set, Windows Authenticode signature verification will no longer recognize binaries with Authenticode signatures that contain extraneous information in the WIN_CERTIFICATE structure. Customers can choose to disable the functionality at any time by disabling this registry key. See <strong>Suggested Actions</strong> for instructions.</p> <p><strong>How can I disable the functionality?</strong></p> <p>Customers who have already enabled the stricter verification behavior, and have not experienced problems, can choose to leave the verification behavior enabled. Customers who are experiencing application compatibility problems with the new behavior, or customers who simply want to disable the new behavior, can disable the functionality by removing the EnableCertPaddingCheck registry key or by setting it to REG_DWORD value 0. See <strong>Suggested Actions</strong> for instructions.</p> <p><strong>If I do not want to enable this functionality, do I need to do anything?</strong></p> <p>No. The stricter verification behavior resides on the system but will be dormant functionality until enabled.</p> <p><strong>Does the new verification behavior affect already-installed software?</strong></p> <p>The new stricter verification behavior, when enabled, applies primarily to portable executable (PE) binaries that are signed with the Windows Authenticode signature format. Binaries that are not signed with this format or that do not use WinVerifyTrust to verify signatures are not affected by the new behavior. Binaries most likely to be affected are PE installer files distributed via the Internet that are customized at time of download. The most common scenario in which users could perceive an impact is during the downloading and installation of new applications. This is the case only if customers have chosen to enable the stricter verification behavior, after which users may observe warning messages when attempting to install new applications with signatures that fail validation.</p> <p><strong>Does the new verification behavior impact AppLocker policies?</strong></p> <p>For customers who have chosen to enable the stricter verification behavior, any AppLocker rule that depends on files being signed, or expects a specific publisher, may be impacted if the signature on a file does not meet the stricter Authenticode signature verification requirements.</p> <p><strong>Does the new verification behavior impact Windows Defender Application Control (WDAC)?</strong></p> <p>No. The new verification behavior does not impact WDAC.</p> <p><strong>Does the new verification behavior impact Software Restriction Policies?</strong></p> <p>For customers who have chosen to enable the stricter verification behavior, any Software Restriction Policy that depends on files being signed, or expects a specific publisher, may be impacted if the signature on a file does not meet the stricter Authenticode signature verification requirements.</p> <p><strong>The new stricter verification behavior deems my binary non-compliant. What are my options?</strong></p> <p>If a binary is deemed non-compliant with the stricter Authenticode signature verification behavior, this will not be a problem on systems that have not had the new verification behavior enabled because Microsoft is not enforcing the stricter behavior by default. However, to correct problems with a binary failing validation on systems where the new verification behavior has been enabled, that binary will need to be re-signed with strict adherence to the Windows Authenticode Signature format and specifically not include extraneous information in the WIN_CERTIFICATE structure.</p> <p><strong>Is there any possibility of a signature being recognized as non-compliant with the stricter verification process if I sign using non-Microsoft-provided signing tools?</strong></p> <p>Yes. For customers opting to enable the stricter verification behavior, signing binaries with non-Microsoft-provided signing tools runs the risk of signatures being recognized as non-compliant with the stricter verification behavior. Using Microsoft products, or signature tools Microsoft provides, such as signtool.exe, helps to ensure that signatures are recognized as compliant.</p> <p><strong>What is Windows Authenticode?</strong></p> <p>Windows Authenticode is a digital signature format that is used to determine the origin and integrity of software binaries. Authenticode uses Public-Key Cryptography Standards (PKCS) #7 signed data and X.509 certificates to bind an Authenticode-signed binary to the identity of a software publisher. The term &quot;Authenticode signature&quot; refers to a digital signature format that is generated and verified using the WinVerifyTrust function.</p> <p><strong>What is Windows Authenticode signature verification?</strong></p> <p>Windows Authenticode signature verification consists of two primary activities: signature checking on specified objects and trust verification. These activities are carried out by the WinVerifyTrust function, which executes a signature check then passes the inquiry to a trust provider that supports the action identifier, if one exists. For more technical information regarding the WinVerifyTrust function, see <a href="http://msdn.microsoft.com/en-us/library/aa388208(vs.85).aspx">WinVerifyTrust function</a>. For an introduction to Authenticode, see <a href="http://msdn.microsoft.com/en-us/library/ms537361(v=vs.85).aspx">Introduction to Code Signing</a>.</p> <h3 id="suggested-actions">Suggested Actions</h3> <p><strong>Review Microsoft Root Certificate Program Technical Requirements</strong></p> <p>Customers who are interested in learning more about the topic covered in this advisory should review <a href="https://docs.microsoft.com/en-us/security/trusted-root/program-requirements">Windows Root Certificate Program - Technical Requirements</a>.</p> <p><strong>Modify Binary Signing Processes</strong></p> <p>After reviewing the technical details underlying the change in Authenticode signature verification behavior, Microsoft recommends that customers ensure that their Authenticode signatures do not contain extraneous information in the WIN_CERTIFICATE structure. Microsoft also recommends that executables authors consider conforming their Authenticode-signed binaries to the new verification standard. Authors who have modified their binary signing processes and would like to enable the new behavior may do so on an opt-in basis. <a href="https://docs.microsoft.com/en-us/security/trusted-root/program-requirements">Windows Root Certificate Program - Technical Requirements</a> for guidance.</p> <p><strong>Implement the Improvement to Authenticode Signature Verification</strong></p> <p><strong>Warning</strong> Performing these steps to enable the functionality changes will cause non-conforming binaries to appear unsigned and, therefore, render them untrusted. Microsoft recommends that customers test how this change to Authenticode signature verification behaves in their environment before fully implementing it.</p> <p>To enable the Authenticode signature verification improvements, configure the EnableCertPaddingCheck registry value to a non-zero value. Two ways that you can do this are through Group Policy, or with a .reg (“Registration Entries”) file. Implementing the improvement through Group Policy is available via the “MS Security Guide” administrative template, downloadable with the most recent Windows security baseline in the Microsoft Security Compliance Toolkit. After the SecGuide.admx and SecGuide.adml files are copied into the administrative template store, enable the “Enable Certificate Padding” policy in Computer Configuration\Administrative Templates\MS Security Guide. To implement the improvement with a .reg file, paste the following text into a text editor such as Notepad, save the file by using the .reg file name extension (for example, enableAuthenticodeVerification.reg). You can apply the .reg file to individual systems by double-clicking it. You can automate its application with the REG.EXE IMPORT command.</p> <p><strong>Note</strong> If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.</p> <p>For 32-bit versions of Windows, use the following text:</p> <pre><code>Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config] &quot;EnableCertPaddingCheck&quot;=dword:1 </code></pre> <p>For 64-bit versions of Windows, use this text:</p> <pre><code>Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config] &quot;EnableCertPaddingCheck&quot;=dword:1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config] &quot;EnableCertPaddingCheck&quot;=dword:1 </code></pre> <p><strong>Note</strong> You must restart the system for your changes to take effect.</p> <p><strong>Impact of enabling the functionality change</strong>: Non-conforming binaries will appear unsigned and, therefore, be rendered untrusted.</p> <p><strong>Verifying that the Improvement to Authenticode Signature Verification is Implemented Correctly</strong></p> <p>Earlier versions of CVE-2013-3900 had recommended configuring EnableCertPaddingCheck to string value “1”, rather than to DWORD 1. Customers who had followed that guidance do not need to make further changes to their systems. Although Windows treats the EnableCertPaddingCheck value as a DWORD, its actual registry value type does not matter, as long as all these length and data requirements are met:</p> <ul> <li>The EnableCertPaddingCheck registry value is present (any data type)</li> <li>The value’s data length is from 1 to 4 bytes</li> <li>At least one of those bytes is a non-zero value</li> </ul> <p>Compliance validation tools should not fail the EnableCertPaddingCheck inspection for its value type. Ideally, a test should read the value as a four-byte value, ignoring its type, and pass the test if the four-byte value is present and non-zero. If a scanning tool does not support specifying validation criteria that way, then given the two specific ways Microsoft has published to configure the setting, scanning tools should pass the check if either of these is true:</p> <ul> <li>EnableCertPaddingCheck is a REG_DWORD, value exactly &quot;1&quot;</li> <li>EnableCertPaddingCheck is a REG_SZ, value exactly &quot;1&quot;</li> </ul> <p><strong>Reverting the Improvement to Authenticode Signature Verification</strong></p> <p>To revert to Windows default behavior and disable the Authenticode signature verification improvements, delete the EnableCertPaddingCheck registry value or set it to a DWORD value 0. Two ways that you can do this are through Group Policy, or with a .reg (“Registration Entries”) file.</p> <p>To revert the improvement through Group Policy, configure the “MS Security Guide” policy described in <strong>Implement the Improvement to Authenticode Signature Verification</strong> to &quot;Disabled&quot;.</p> <p>To revert the improvement with a .reg file, paste the following text into a text editor such as Notepad, save the file by using the .reg file name extension (for example, disableAuthenticodeVerification.reg). You can apply the .reg file to individual systems by double-clicking it. You can automate its application with the REG.EXE IMPORT command.</p> <p><strong>Note</strong> If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.</p> <p>For 32-bit versions of Windows, use the following text:</p> <pre><code>Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config] &quot;EnableCertPaddingCheck&quot;=dword:0 </code></pre> <p>For 64-bit versions of Windows, use the following text:</p> <pre><code>Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config] &quot;EnableCertPaddingCheck&quot;=dword:0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config] &quot;EnableCertPaddingCheck&quot;=dword:0 </code></pre> <p><strong>Note</strong> You must restart the system for your changes to take effect.</p> WinVerifyTrust Signature Verification Microsoft Yes CVE-2013-3900 Improper Verification of Cryptographic Signature 11568 11569 11570 11571 11572 11923 11924 11926 11927 11929 11930 11931 12085 12086 12097 12098 12099 12437 12242 12243 12244 12389 12390 12436 10729 10735 10852 10853 10816 10855 9312 10287 9318 9344 10051 10049 10378 10379 10483 10543 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11570 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11926 Security Feature Bypass 11927 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12085 Security Feature Bypass 12086 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10729 Security Feature Bypass 10735 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 9312 Security Feature Bypass 10287 Security Feature Bypass 9318 Security Feature Bypass 9344 Security Feature Bypass 10051 Security Feature Bypass 10049 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Moderate 11568 Moderate 11569 Moderate 11570 Moderate 11571 Moderate 11572 Moderate 11923 Moderate 11924 Moderate 11926 Moderate 11927 Moderate 11929 Moderate 11930 Moderate 11931 Moderate 12085 Moderate 12086 Moderate 12097 Moderate 12098 Moderate 12099 Moderate 12437 Moderate 12242 Moderate 12243 Moderate 12244 Moderate 12389 Moderate 12390 Moderate 12436 Moderate 10729 Moderate 10735 Moderate 10852 Moderate 10853 Moderate 10816 Moderate 10855 Moderate 9312 Moderate 10287 Moderate 9318 Moderate 9344 Moderate 10051 Moderate 10049 Moderate 10378 Moderate 10379 Moderate 10483 Moderate 10543 Publicly Disclosed:Yes;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Exploitation Detected 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11926 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11927 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12085 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12086 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 9312 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10287 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 9318 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 9344 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10051 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10049 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 10543 1.0 2022-01-21T08:00:00 <p>Information published in the Security Update Guide to update the Security Updates table and to inform customers that there are actions they need to take to protect their systems from this vulnerability. CVE-2013-3900 was originally published on December 10, 2013 on TechNet.</p> 2.4 2024-12-23T08:00:00 <p>Providing further clarification about how to configure the EnableCertPaddingCheck registry value to implement and revert the improvement to authenticode signature verification. Customers who had successfully followed previous guidance do not need to make further changes to their systems. Although Windows treats the EnableCertPaddingCheck value as a DWORD, its actual registry value type does not matter, as long as all these length and data requirements are met. See the <strong>Suggested Actions</strong> section for more information.</p> 2.0 2023-04-11T07:00:00 <p>In the Security Updates table, added the Server Core installation versions of the following versions of Windows as they are affected by the vulnerability: Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for x64-based Systems Service Pack 2, Windows Server 2008 R2 for x64-based Systems Service 1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, and Windows Server 2022. Customers running these Server Core installations should review the FAQs and Suggested Actions section of this CVE and take action as necessary.</p> 2.1 2023-05-09T07:00:00 <p>In the Executive Summary, corrected information about Windows 10 and Windows 11 to state that the supporting code for this reg key was incorporated at the time of release for Windows 10 and Windows 11, so no security update is required; however, the reg key must be set. This is an informational change only.</p> 2.2 2024-04-11T07:00:00 <p>Updated FAQs to inform customers that EnableCertPaddingCheck is data type REG_SZ (a string value) and not data type dword. When you specify 'EnableCertPaddingCheck&quot; as in &quot;DataItemName1&quot;=&quot;DataType1:DataValue1&quot; do not include the date type value or colon. This is an informational change only.</p> 2.3 2024-11-12T08:00:00 <p><strong>Corrected</strong> Correcting the published information from the previous revision. EnableCertPaddingCheck is data type REG_DWORD (an integer value) and not data type string: &quot;EnableCertPaddingCheck&quot;=dword:1. The FAQ section has been updated accordingly. This is an informational change only.</p> Microsoft Edge for Android Spoofing Vulnerability <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>97.0.1072.69</td> <td>1/20/2022</td> <td>97.0.4692.99</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2022-23258 11815 Spoofing 11815 Moderate 11815 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C 11815 Release Notes 11815 No Security Update 97.0.1072.69 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11815 Release Notes Anonymous <a href="https://www.instagram.com/zaid_ghiffarii/">MUHAMMAD ZAID GHIFARI</a> with <a href="https://borneosec.or.id/">KALIMMANTAN UTARA</a> 1.0 2022-01-21T08:00:00 <p>Information published.</p> 1.1 2022-02-25T08:00:00 <p>Updated one or more CVSS scores for the affected products. This is an informational change only.</p> https://nvd.nist.gov/vuln/detail/CVE-2019-13504 https://nvd.nist.gov/vuln/detail/CVE-2019-13504 Mariner cve@mitre.org Yes CVE-2019-13504 12139 12140 12139 12140 12139 12140 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2019-13504 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2019-13504 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2020-25653 https://nvd.nist.gov/vuln/detail/CVE-2020-25653 Mariner secalert@redhat.com Yes CVE-2020-25653 12139 12140 12139 12140 12139 12140 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H 12139 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H 12140 spice-vdagent 12139 spice-vdagent-0.22.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 spice-vdagent-debuginfo-0.22.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.22.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-25653 12139 spice-vdagent spice-vdagent 12140 spice-vdagent-0.22.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 spice-vdagent-debuginfo-0.22.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.22.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-25653 12140 spice-vdagent 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2019-17455 https://nvd.nist.gov/vuln/detail/CVE-2019-17455 Mariner cve@mitre.org Yes CVE-2019-17455 12139 12140 12139 12140 12139 12140 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 12139 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 12140 libntlm 12139 libntlm-1.6-1.cm2.x86_64.rpm 0001-01-01T00:00:00 libntlm-devel-1.6-1.cm2.x86_64.rpm 0001-01-01T00:00:00 libntlm-debuginfo-1.6-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 1.6-1 https://nvd.nist.gov/vuln/detail/CVE-2019-17455 12139 libntlm libntlm 12140 libntlm-1.6-1.cm2.aarch64.rpm 0001-01-01T00:00:00 libntlm-devel-1.6-1.cm2.aarch64.rpm 0001-01-01T00:00:00 libntlm-debuginfo-1.6-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 1.6-1 https://nvd.nist.gov/vuln/detail/CVE-2019-17455 12140 libntlm 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2020-15999 https://nvd.nist.gov/vuln/detail/CVE-2020-15999 https://nvd.nist.gov/vuln/detail/CVE-2020-15999 https://nvd.nist.gov/vuln/detail/CVE-2020-15999 Mariner chrome-cve-admin@google.com Yes CVE-2020-15999 12137 12138 12139 12140 12137 12138 12139 12140 12137 12138 12139 12140 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12137 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12138 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 freetype 12137 freetype-2.11.1-1.cm1.x86_64.rpm 0001-01-01T00:00:00 freetype-devel-2.11.1-1.cm1.x86_64.rpm 0001-01-01T00:00:00 freetype-debuginfo-2.11.1-1.cm1.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 2.11.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-15999 12137 freetype freetype 12138 freetype-2.11.1-1.cm1.aarch64.rpm 0001-01-01T00:00:00 freetype-devel-2.11.1-1.cm1.aarch64.rpm 0001-01-01T00:00:00 freetype-debuginfo-2.11.1-1.cm1.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 2.11.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-15999 12138 freetype freetype 12139 freetype-2.11.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 freetype-devel-2.11.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 freetype-debuginfo-2.11.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 2.11.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-15999 12139 freetype freetype 12140 freetype-2.11.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 freetype-devel-2.11.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 freetype-debuginfo-2.11.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 2.11.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-15999 12140 freetype 1.0 2022-01-29T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2020-25651 https://nvd.nist.gov/vuln/detail/CVE-2020-25651 Mariner secalert@redhat.com Yes CVE-2020-25651 12139 12140 12139 12140 12139 12140 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:L 12139 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:L 12140 spice-vdagent 12139 spice-vdagent-0.22.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 spice-vdagent-debuginfo-0.22.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.22.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-25651 12139 spice-vdagent spice-vdagent 12140 spice-vdagent-0.22.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 spice-vdagent-debuginfo-0.22.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.22.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-25651 12140 spice-vdagent 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2019-17402 https://nvd.nist.gov/vuln/detail/CVE-2019-17402 Mariner cve@mitre.org Yes CVE-2019-17402 12139 12140 12139 12140 12139 12140 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2019-17402 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2019-17402 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2020-25652 https://nvd.nist.gov/vuln/detail/CVE-2020-25652 Mariner secalert@redhat.com Yes CVE-2020-25652 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 12140 spice-vdagent 12139 spice-vdagent-0.22.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 spice-vdagent-debuginfo-0.22.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.22.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-25652 12139 spice-vdagent spice-vdagent 12140 spice-vdagent-0.22.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 spice-vdagent-debuginfo-0.22.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.22.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-25652 12140 spice-vdagent 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2020-14387 https://nvd.nist.gov/vuln/detail/CVE-2020-14387 Mariner secalert@redhat.com Yes CVE-2020-14387 12139 12140 12139 12140 12139 12140 7.4 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N 12139 7.4 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N 12140 rsync 12139 rsync-3.2.3-2.cm2.x86_64.rpm 0001-01-01T00:00:00 rsync-debuginfo-3.2.3-2.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.2.3-2 https://nvd.nist.gov/vuln/detail/CVE-2020-14387 12139 rsync rsync 12140 rsync-3.2.3-2.cm2.aarch64.rpm 0001-01-01T00:00:00 rsync-debuginfo-3.2.3-2.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.2.3-2 https://nvd.nist.gov/vuln/detail/CVE-2020-14387 12140 rsync 1.0 2022-01-20T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2019-20421 https://nvd.nist.gov/vuln/detail/CVE-2019-20421 Mariner cve@mitre.org Yes CVE-2019-20421 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2019-20421 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2019-20421 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-22207 https://nvd.nist.gov/vuln/detail/CVE-2021-22207 Mariner cve@gitlab.com Yes CVE-2021-22207 12139 12140 12139 12140 12139 12140 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 12139 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-22207 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-22207 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-20199 https://nvd.nist.gov/vuln/detail/CVE-2021-20199 Mariner secalert@redhat.com Yes CVE-2021-20199 12139 12140 12139 12140 12139 12140 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 12139 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 12140 podman 12139 podman-4.1.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 podman-docker-4.1.1-1.cm2.noarch.rpm 0001-01-01T00:00:00 podman-tests-4.1.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 podman-remote-4.1.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 podman-plugins-4.1.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 podman-gvproxy-4.1.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 podman-debuginfo-4.1.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.1.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-20199 12139 podman podman 12140 podman-4.1.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 podman-docker-4.1.1-1.cm2.noarch.rpm 0001-01-01T00:00:00 podman-tests-4.1.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 podman-remote-4.1.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 podman-plugins-4.1.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 podman-gvproxy-4.1.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 podman-debuginfo-4.1.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.1.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-20199 12140 podman 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2020-26154 https://nvd.nist.gov/vuln/detail/CVE-2020-26154 Mariner cve@mitre.org Yes CVE-2020-26154 12139 12140 12139 12140 12139 12140 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 12139 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 12140 libproxy 12139 libproxy-0.4.17-5.cm2.x86_64.rpm 0001-01-01T00:00:00 libproxy-bin-0.4.17-5.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-libproxy-0.4.17-5.cm2.noarch.rpm 0001-01-01T00:00:00 libproxy-gnome-0.4.17-5.cm2.x86_64.rpm 0001-01-01T00:00:00 libproxy-kde-0.4.17-5.cm2.x86_64.rpm 0001-01-01T00:00:00 libproxy-devel-0.4.17-5.cm2.x86_64.rpm 0001-01-01T00:00:00 libproxy-debuginfo-0.4.17-5.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.4.17-5 https://nvd.nist.gov/vuln/detail/CVE-2020-26154 12139 libproxy libproxy 12140 libproxy-0.4.17-5.cm2.aarch64.rpm 0001-01-01T00:00:00 libproxy-bin-0.4.17-5.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-libproxy-0.4.17-5.cm2.noarch.rpm 0001-01-01T00:00:00 libproxy-gnome-0.4.17-5.cm2.aarch64.rpm 0001-01-01T00:00:00 libproxy-kde-0.4.17-5.cm2.aarch64.rpm 0001-01-01T00:00:00 libproxy-devel-0.4.17-5.cm2.aarch64.rpm 0001-01-01T00:00:00 libproxy-debuginfo-0.4.17-5.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.4.17-5 https://nvd.nist.gov/vuln/detail/CVE-2020-26154 12140 libproxy 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2020-25650 https://nvd.nist.gov/vuln/detail/CVE-2020-25650 Mariner secalert@redhat.com Yes CVE-2020-25650 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 12140 spice-vdagent 12139 spice-vdagent-0.22.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 spice-vdagent-debuginfo-0.22.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.22.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-25650 12139 spice-vdagent spice-vdagent 12140 spice-vdagent-0.22.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 spice-vdagent-debuginfo-0.22.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.22.1-1 https://nvd.nist.gov/vuln/detail/CVE-2020-25650 12140 spice-vdagent 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-22222 https://nvd.nist.gov/vuln/detail/CVE-2021-22222 Mariner cve@gitlab.com Yes CVE-2021-22222 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-22222 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-22222 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-29463 https://nvd.nist.gov/vuln/detail/CVE-2021-29463 Mariner security-advisories@github.com Yes CVE-2021-29463 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29463 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29463 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-29464 https://nvd.nist.gov/vuln/detail/CVE-2021-29464 Mariner security-advisories@github.com Yes CVE-2021-29464 12139 12140 12139 12140 12139 12140 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12139 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29464 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29464 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-28091 https://nvd.nist.gov/vuln/detail/CVE-2021-28091 Mariner cve@mitre.org Yes CVE-2021-28091 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 12140 lasso 12139 lasso-2.8.0-1.cm2.x86_64.rpm 0001-01-01T00:00:00 lasso-devel-2.8.0-1.cm2.x86_64.rpm 0001-01-01T00:00:00 perl-lasso-2.8.0-1.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-lasso-2.8.0-1.cm2.x86_64.rpm 0001-01-01T00:00:00 lasso-debuginfo-2.8.0-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 2.8.0-1 https://nvd.nist.gov/vuln/detail/CVE-2021-28091 12139 lasso lasso 12140 lasso-2.8.0-1.cm2.aarch64.rpm 0001-01-01T00:00:00 lasso-devel-2.8.0-1.cm2.aarch64.rpm 0001-01-01T00:00:00 perl-lasso-2.8.0-1.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-lasso-2.8.0-1.cm2.aarch64.rpm 0001-01-01T00:00:00 lasso-debuginfo-2.8.0-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 2.8.0-1 https://nvd.nist.gov/vuln/detail/CVE-2021-28091 12140 lasso 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-32617 https://nvd.nist.gov/vuln/detail/CVE-2021-32617 Mariner security-advisories@github.com Yes CVE-2021-32617 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-32617 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-32617 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-32815 https://nvd.nist.gov/vuln/detail/CVE-2021-32815 Mariner security-advisories@github.com Yes CVE-2021-32815 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-32815 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-32815 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-29457 https://nvd.nist.gov/vuln/detail/CVE-2021-29457 Mariner security-advisories@github.com Yes CVE-2021-29457 12139 12140 12139 12140 12139 12140 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12139 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29457 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29457 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-27135 https://nvd.nist.gov/vuln/detail/CVE-2021-27135 Mariner cve@mitre.org Yes CVE-2021-27135 12139 12140 12139 12140 12139 12140 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 12139 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 12140 xterm 12139 xterm-372-1.cm2.x86_64.rpm 0001-01-01T00:00:00 xterm-resize-372-1.cm2.x86_64.rpm 0001-01-01T00:00:00 xterm-debuginfo-372-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 372-1 https://nvd.nist.gov/vuln/detail/CVE-2021-27135 12139 xterm xterm 12140 xterm-372-1.cm2.aarch64.rpm 0001-01-01T00:00:00 xterm-resize-372-1.cm2.aarch64.rpm 0001-01-01T00:00:00 xterm-debuginfo-372-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 372-1 https://nvd.nist.gov/vuln/detail/CVE-2021-27135 12140 xterm 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-29623 https://nvd.nist.gov/vuln/detail/CVE-2021-29623 Mariner security-advisories@github.com Yes CVE-2021-29623 12139 12140 12139 12140 12139 12140 3.3 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 12139 3.3 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29623 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29623 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-22235 https://nvd.nist.gov/vuln/detail/CVE-2021-22235 Mariner cve@gitlab.com Yes CVE-2021-22235 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-22235 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-22235 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-32055 https://nvd.nist.gov/vuln/detail/CVE-2021-32055 Mariner cve@mitre.org Yes CVE-2021-32055 12139 12140 12139 12140 12139 12140 9.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 12139 9.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 12140 mutt 12139 mutt-2.0.5-4.cm2.x86_64.rpm 0001-01-01T00:00:00 mutt-debuginfo-2.0.5-4.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 2.0.5-4 https://nvd.nist.gov/vuln/detail/CVE-2021-32055 12139 mutt mutt 12140 mutt-2.0.5-4.cm2.aarch64.rpm 0001-01-01T00:00:00 mutt-debuginfo-2.0.5-4.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 2.0.5-4 https://nvd.nist.gov/vuln/detail/CVE-2021-32055 12140 mutt 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-29473 https://nvd.nist.gov/vuln/detail/CVE-2021-29473 Mariner security-advisories@github.com Yes CVE-2021-29473 12139 12140 12139 12140 12139 12140 2.5 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L 12139 2.5 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29473 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29473 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-29470 https://nvd.nist.gov/vuln/detail/CVE-2021-29470 Mariner security-advisories@github.com Yes CVE-2021-29470 12139 12140 12139 12140 12139 12140 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29470 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29470 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-29458 https://nvd.nist.gov/vuln/detail/CVE-2021-29458 Mariner security-advisories@github.com Yes CVE-2021-29458 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29458 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-29458 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-3588 https://nvd.nist.gov/vuln/detail/CVE-2021-3588 Mariner security@ubuntu.com Yes CVE-2021-3588 12139 12140 12139 12140 12139 12140 3.3 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 12139 3.3 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 12140 bluez 12139 bluez-5.63-1.cm2.x86_64.rpm 0001-01-01T00:00:00 bluez-cups-5.63-1.cm2.x86_64.rpm 0001-01-01T00:00:00 bluez-libs-5.63-1.cm2.x86_64.rpm 0001-01-01T00:00:00 bluez-libs-devel-5.63-1.cm2.x86_64.rpm 0001-01-01T00:00:00 bluez-hid2hci-5.63-1.cm2.x86_64.rpm 0001-01-01T00:00:00 bluez-mesh-5.63-1.cm2.x86_64.rpm 0001-01-01T00:00:00 bluez-obexd-5.63-1.cm2.x86_64.rpm 0001-01-01T00:00:00 bluez-debuginfo-5.63-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.63-1 https://nvd.nist.gov/vuln/detail/CVE-2021-3588 12139 bluez bluez 12140 bluez-5.63-1.cm2.aarch64.rpm 0001-01-01T00:00:00 bluez-cups-5.63-1.cm2.aarch64.rpm 0001-01-01T00:00:00 bluez-libs-5.63-1.cm2.aarch64.rpm 0001-01-01T00:00:00 bluez-libs-devel-5.63-1.cm2.aarch64.rpm 0001-01-01T00:00:00 bluez-hid2hci-5.63-1.cm2.aarch64.rpm 0001-01-01T00:00:00 bluez-mesh-5.63-1.cm2.aarch64.rpm 0001-01-01T00:00:00 bluez-obexd-5.63-1.cm2.aarch64.rpm 0001-01-01T00:00:00 bluez-debuginfo-5.63-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.63-1 https://nvd.nist.gov/vuln/detail/CVE-2021-3588 12140 bluez 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-34334 https://nvd.nist.gov/vuln/detail/CVE-2021-34334 Mariner security-advisories@github.com Yes CVE-2021-34334 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-34334 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-34334 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-37619 https://nvd.nist.gov/vuln/detail/CVE-2021-37619 Mariner security-advisories@github.com Yes CVE-2021-37619 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37619 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37619 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-37618 https://nvd.nist.gov/vuln/detail/CVE-2021-37618 Mariner security-advisories@github.com Yes CVE-2021-37618 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37618 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37618 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-37616 https://nvd.nist.gov/vuln/detail/CVE-2021-37616 Mariner security-advisories@github.com Yes CVE-2021-37616 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37616 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37616 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-3482 https://nvd.nist.gov/vuln/detail/CVE-2021-3482 Mariner secalert@redhat.com Yes CVE-2021-3482 12139 12140 12139 12140 12139 12140 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 12139 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-3482 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-3482 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-3622 https://nvd.nist.gov/vuln/detail/CVE-2021-3622 Mariner secalert@redhat.com Yes CVE-2021-3622 12139 12140 12139 12140 12139 12140 4.3 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 12139 4.3 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 12140 hivex 12139 hivex-1.3.21-1.cm2.x86_64.rpm 0001-01-01T00:00:00 hivex-devel-1.3.21-1.cm2.x86_64.rpm 0001-01-01T00:00:00 hivex-static-1.3.21-1.cm2.x86_64.rpm 0001-01-01T00:00:00 ocaml-hivex-1.3.21-1.cm2.x86_64.rpm 0001-01-01T00:00:00 ocaml-hivex-devel-1.3.21-1.cm2.x86_64.rpm 0001-01-01T00:00:00 perl-hivex-1.3.21-1.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-hivex-1.3.21-1.cm2.x86_64.rpm 0001-01-01T00:00:00 ruby-hivex-1.3.21-1.cm2.x86_64.rpm 0001-01-01T00:00:00 hivex-debuginfo-1.3.21-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 1.3.21-1 https://nvd.nist.gov/vuln/detail/CVE-2021-3622 12139 hivex hivex 12140 hivex-1.3.21-1.cm2.aarch64.rpm 0001-01-01T00:00:00 hivex-devel-1.3.21-1.cm2.aarch64.rpm 0001-01-01T00:00:00 hivex-static-1.3.21-1.cm2.aarch64.rpm 0001-01-01T00:00:00 ocaml-hivex-1.3.21-1.cm2.aarch64.rpm 0001-01-01T00:00:00 ocaml-hivex-devel-1.3.21-1.cm2.aarch64.rpm 0001-01-01T00:00:00 perl-hivex-1.3.21-1.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-hivex-1.3.21-1.cm2.aarch64.rpm 0001-01-01T00:00:00 ruby-hivex-1.3.21-1.cm2.aarch64.rpm 0001-01-01T00:00:00 hivex-debuginfo-1.3.21-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 1.3.21-1 https://nvd.nist.gov/vuln/detail/CVE-2021-3622 12140 hivex 1.0 2022-01-11T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-37621 https://nvd.nist.gov/vuln/detail/CVE-2021-37621 Mariner security-advisories@github.com Yes CVE-2021-37621 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37621 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37621 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-34335 https://nvd.nist.gov/vuln/detail/CVE-2021-34335 Mariner security-advisories@github.com Yes CVE-2021-34335 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-34335 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-34335 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-37615 https://nvd.nist.gov/vuln/detail/CVE-2021-37615 Mariner security-advisories@github.com Yes CVE-2021-37615 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37615 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37615 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-34141 https://nvd.nist.gov/vuln/detail/CVE-2021-34141 Mariner cve@mitre.org Yes CVE-2021-34141 12139 12140 12139 12140 12139 12140 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 12139 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 12140 numpy 12139 python3-numpy-1.22.3-1.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-numpy-f2py-1.22.3-1.cm2.x86_64.rpm 0001-01-01T00:00:00 numpy-debuginfo-1.22.3-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 1.22.0-1 https://nvd.nist.gov/vuln/detail/CVE-2021-34141 12139 numpy numpy 12140 python3-numpy-1.22.3-1.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-numpy-f2py-1.22.3-1.cm2.aarch64.rpm 0001-01-01T00:00:00 numpy-debuginfo-1.22.3-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 1.22.0-1 https://nvd.nist.gov/vuln/detail/CVE-2021-34141 12140 numpy 1.0 2022-01-05T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-37620 https://nvd.nist.gov/vuln/detail/CVE-2021-37620 Mariner security-advisories@github.com Yes CVE-2021-37620 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37620 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37620 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-37623 https://nvd.nist.gov/vuln/detail/CVE-2021-37623 Mariner security-advisories@github.com Yes CVE-2021-37623 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37623 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37623 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-39924 https://nvd.nist.gov/vuln/detail/CVE-2021-39924 Mariner cve@gitlab.com Yes CVE-2021-39924 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39924 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39924 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-39921 https://nvd.nist.gov/vuln/detail/CVE-2021-39921 Mariner cve@gitlab.com Yes CVE-2021-39921 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39921 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39921 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-37622 https://nvd.nist.gov/vuln/detail/CVE-2021-37622 Mariner security-advisories@github.com Yes CVE-2021-37622 12139 12140 12139 12140 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 12140 exiv2 12139 exiv2-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37622 12139 exiv2 exiv2 12140 exiv2-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-devel-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-libs-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 exiv2-doc-0.27.5-1.cm2.noarch.rpm 0001-01-01T00:00:00 exiv2-debuginfo-0.27.5-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 0.27.5-1 https://nvd.nist.gov/vuln/detail/CVE-2021-37622 12140 exiv2 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-39926 https://nvd.nist.gov/vuln/detail/CVE-2021-39926 Mariner cve@gitlab.com Yes CVE-2021-39926 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39926 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39926 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-39928 https://nvd.nist.gov/vuln/detail/CVE-2021-39928 Mariner cve@gitlab.com Yes CVE-2021-39928 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39928 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39928 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-39922 https://nvd.nist.gov/vuln/detail/CVE-2021-39922 Mariner cve@gitlab.com Yes CVE-2021-39922 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39922 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39922 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-39920 https://nvd.nist.gov/vuln/detail/CVE-2021-39920 Mariner cve@gitlab.com Yes CVE-2021-39920 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39920 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39920 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-40153 https://nvd.nist.gov/vuln/detail/CVE-2021-40153 Mariner cve@mitre.org Yes CVE-2021-40153 12139 12140 12139 12140 12139 12140 8.1 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H 12139 8.1 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H 12140 squashfs-tools 12139 squashfs-tools-4.5.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 squashfs-tools-debuginfo-4.5.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.5.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-40153 12139 squashfs-tools squashfs-tools 12140 squashfs-tools-4.5.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 squashfs-tools-debuginfo-4.5.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.5.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-40153 12140 squashfs-tools 1.0 2022-01-20T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-39929 https://nvd.nist.gov/vuln/detail/CVE-2021-39929 Mariner cve@gitlab.com Yes CVE-2021-39929 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39929 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39929 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-39923 https://nvd.nist.gov/vuln/detail/CVE-2021-39923 Mariner cve@gitlab.com Yes CVE-2021-39923 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39923 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39923 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-39925 https://nvd.nist.gov/vuln/detail/CVE-2021-39925 Mariner cve@gitlab.com Yes CVE-2021-39925 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39925 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-39925 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 Mariner security@huntr.dev Yes CVE-2021-4193 12137 12138 12139 12140 12137 12138 12139 12140 12137 12138 12139 12140 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 12137 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 12138 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 12139 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 12140 vim 12137 vim-8.2.4006-1.cm1.x86_64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4006-1.cm1.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4006-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 12137 vim vim 12138 vim-8.2.4006-1.cm1.aarch64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4006-1.cm1.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4006-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 12138 vim vim 12139 vim-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 12139 vim vim 12140 vim-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 12140 vim 1.0 2022-01-08T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 Mariner security@huntr.dev Yes CVE-2021-4187 12139 12140 12139 12140 12139 12140 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12139 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12140 vim 12139 vim-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 12139 vim vim 12140 vim-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 12140 vim 1.0 2022-01-12T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-41072 https://nvd.nist.gov/vuln/detail/CVE-2021-41072 Mariner cve@mitre.org Yes CVE-2021-41072 12139 12140 12139 12140 12139 12140 8.1 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H 12139 8.1 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H 12140 squashfs-tools 12139 squashfs-tools-4.5.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 squashfs-tools-debuginfo-4.5.1-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.5.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-41072 12139 squashfs-tools squashfs-tools 12140 squashfs-tools-4.5.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 squashfs-tools-debuginfo-4.5.1-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.5.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-41072 12140 squashfs-tools 1.0 2022-01-20T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4184 https://nvd.nist.gov/vuln/detail/CVE-2021-4184 Mariner cve@gitlab.com Yes CVE-2021-4184 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4184 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4184 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4186 https://nvd.nist.gov/vuln/detail/CVE-2021-4186 Mariner cve@gitlab.com Yes CVE-2021-4186 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4186 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4186 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 Mariner security@huntr.dev Yes CVE-2021-4173 12137 12138 12139 12140 12137 12138 12139 12140 12137 12138 12139 12140 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12137 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12138 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12139 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12140 vim 12137 vim-8.2.4006-1.cm1.x86_64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4006-1.cm1.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4006-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 12137 vim vim 12138 vim-8.2.4006-1.cm1.aarch64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4006-1.cm1.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4006-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 12138 vim vim 12139 vim-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 12139 vim vim 12140 vim-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 12140 vim 1.0 2022-01-08T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4181 https://nvd.nist.gov/vuln/detail/CVE-2021-4181 Mariner cve@gitlab.com Yes CVE-2021-4181 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4181 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4181 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 Mariner security@huntr.dev Yes CVE-2021-4166 12137 12138 12139 12140 12137 12138 12139 12140 12137 12138 12139 12140 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 12137 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 12138 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 12139 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 12140 vim 12137 vim-8.2.4006-1.cm1.x86_64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4006-1.cm1.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4006-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 12137 vim vim 12138 vim-8.2.4006-1.cm1.aarch64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4006-1.cm1.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4006-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 12138 vim vim 12139 vim-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 12139 vim vim 12140 vim-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 12140 vim 1.0 2022-01-05T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4182 https://nvd.nist.gov/vuln/detail/CVE-2021-4182 Mariner cve@gitlab.com Yes CVE-2021-4182 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4182 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4182 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4185 https://nvd.nist.gov/vuln/detail/CVE-2021-4185 Mariner cve@gitlab.com Yes CVE-2021-4185 12139 12140 12139 12140 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 12140 wireshark 12139 wireshark-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4185 12139 wireshark wireshark 12140 wireshark-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-cli-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-devel-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 wireshark-debuginfo-3.4.14-1.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 3.4.14-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4185 12140 wireshark 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 Mariner security@huntr.dev Yes CVE-2021-4192 12137 12138 12139 12140 12137 12138 12139 12140 12137 12138 12139 12140 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12137 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12138 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12139 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 12140 vim 12137 vim-8.2.4006-1.cm1.x86_64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4006-1.cm1.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4006-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 12137 vim vim 12138 vim-8.2.4006-1.cm1.aarch64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4006-1.cm1.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4006-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 12138 vim vim 12139 vim-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 12139 vim vim 12140 vim-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 vim-extra-8.2.4743-2.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 8.2.4081-1 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 12140 vim 1.0 2022-01-08T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-44733 https://nvd.nist.gov/vuln/detail/CVE-2021-44733 https://nvd.nist.gov/vuln/detail/CVE-2021-44733 https://nvd.nist.gov/vuln/detail/CVE-2021-44733 Mariner cve@mitre.org Yes CVE-2021-44733 12137 12138 12139 12140 12137 12138 12139 12140 12137 12138 12139 12140 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 12137 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 12138 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 12139 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 12140 kernel 12137 kernel-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-devel-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-docs-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-oprofile-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-tools-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 bpftool-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.10.89.1-2 https://nvd.nist.gov/vuln/detail/CVE-2021-44733 12137 kernel kernel 12138 kernel-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-devel-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-docs-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-tools-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-dtb-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 bpftool-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.10.89.1-2 https://nvd.nist.gov/vuln/detail/CVE-2021-44733 12138 kernel kernel 12139 kernel-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-devel-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-docs-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-tools-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-perf-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 bpftool-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.15.18.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-44733 12139 kernel kernel 12140 kernel-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-devel-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-docs-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-tools-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-perf-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-dtb-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 bpftool-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.15.18.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-44733 12140 kernel 1.0 2022-01-04T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-45485 https://nvd.nist.gov/vuln/detail/CVE-2021-45485 https://nvd.nist.gov/vuln/detail/CVE-2021-45485 Mariner cve@mitre.org Yes CVE-2021-45485 12137 12138 12139 12140 12137 12138 12139 12140 12137 12138 12139 12140 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 12137 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 12138 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 12139 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 12140 kernel 12137 12138 kernel-headers-5.4.51-2.cm1.noarch.rpm 0001-01-01T00:00:00 CBL-Mariner 5.10.88.1-2 https://nvd.nist.gov/vuln/detail/CVE-2021-45485 12137 12138 kernel kernel 12139 kernel-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-devel-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-docs-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-tools-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-perf-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 bpftool-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.15.2.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-45485 12139 kernel kernel 12140 kernel-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-devel-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-docs-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-tools-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-perf-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-dtb-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 bpftool-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.15.2.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-45485 12140 kernel 1.0 2022-01-12T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-45469 https://nvd.nist.gov/vuln/detail/CVE-2021-45469 https://nvd.nist.gov/vuln/detail/CVE-2021-45469 https://nvd.nist.gov/vuln/detail/CVE-2021-45469 Mariner cve@mitre.org Yes CVE-2021-45469 12137 12138 12139 12140 12137 12138 12139 12140 12137 12138 12139 12140 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 12137 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 12138 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 12139 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 12140 kernel 12137 kernel-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-devel-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-docs-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-oprofile-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-tools-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 bpftool-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.10.89.1-2.cm1.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.10.89.1-2 https://nvd.nist.gov/vuln/detail/CVE-2021-45469 12137 kernel kernel 12138 kernel-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-devel-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-docs-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-tools-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-dtb-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 bpftool-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.10.89.1-2.cm1.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.10.89.1-2 https://nvd.nist.gov/vuln/detail/CVE-2021-45469 12138 kernel kernel 12139 kernel-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-devel-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-docs-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-tools-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-perf-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 bpftool-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.15.18.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-45469 12139 kernel kernel 12140 kernel-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-devel-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-docs-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-tools-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-perf-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-dtb-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 bpftool-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.15.18.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-45469 12140 kernel 1.0 2022-01-05T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2021-45486 https://nvd.nist.gov/vuln/detail/CVE-2021-45486 https://nvd.nist.gov/vuln/detail/CVE-2021-45486 Mariner cve@mitre.org Yes CVE-2021-45486 12137 12138 12139 12140 12137 12138 12139 12140 12137 12138 12139 12140 3.5 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 12137 3.5 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 12138 3.5 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 12139 3.5 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 12140 kernel 12137 12138 kernel-headers-5.4.51-2.cm1.noarch.rpm 0001-01-01T00:00:00 CBL-Mariner 5.10.88.1-2 https://nvd.nist.gov/vuln/detail/CVE-2021-45486 12137 12138 kernel kernel 12139 kernel-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-devel-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-docs-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-tools-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-perf-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 bpftool-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.15.32.1-3.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.15.2.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-45486 12139 kernel kernel 12140 kernel-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-devel-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-accessibility-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-drivers-sound-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-docs-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-tools-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-perf-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-dtb-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 bpftool-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 kernel-debuginfo-5.15.32.1-3.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 5.15.2.1-1 https://nvd.nist.gov/vuln/detail/CVE-2021-45486 12140 kernel 1.0 2022-01-11T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2018-1057 https://nvd.nist.gov/vuln/detail/CVE-2018-1057 Mariner secalert@redhat.com Yes CVE-2018-1057 12139 12140 12139 12140 12139 12140 8.8 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 12139 8.8 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 12140 samba 12139 samba-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-client-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-client-libs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-common-4.12.5-6.cm2.noarch.rpm 0001-01-01T00:00:00 samba-common-libs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-common-tools-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-devel-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-vfs-cephfs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-vfs-glusterfs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-krb5-printing-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-libs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 libsmbclient-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 libsmbclient-devel-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 libwbclient-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 libwbclient-devel-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-samba-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-samba-test-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-pidl-4.12.5-6.cm2.noarch.rpm 0001-01-01T00:00:00 samba-test-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-test-libs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-winbind-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-winbind-clients-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-winbind-krb5-locator-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-winbind-modules-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 ctdb-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 ctdb-tests-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-debuginfo-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.12.5-6 https://nvd.nist.gov/vuln/detail/CVE-2018-1057 12139 samba samba 12140 samba-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-client-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-client-libs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-common-4.12.5-6.cm2.noarch.rpm 0001-01-01T00:00:00 samba-common-libs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-common-tools-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-devel-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-vfs-cephfs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-vfs-glusterfs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-krb5-printing-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-libs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 libsmbclient-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 libsmbclient-devel-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 libwbclient-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 libwbclient-devel-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-samba-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-samba-test-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-pidl-4.12.5-6.cm2.noarch.rpm 0001-01-01T00:00:00 samba-test-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-test-libs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-winbind-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-winbind-clients-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-winbind-krb5-locator-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-winbind-modules-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 ctdb-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 ctdb-tests-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-debuginfo-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.12.5-6 https://nvd.nist.gov/vuln/detail/CVE-2018-1057 12140 samba 1.0 2022-01-19T00:00:00 <p>Information published.</p> https://nvd.nist.gov/vuln/detail/CVE-2018-1050 https://nvd.nist.gov/vuln/detail/CVE-2018-1050 Mariner secalert@redhat.com Yes CVE-2018-1050 12139 12140 12139 12140 12139 12140 4.3 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 12139 4.3 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 12140 samba 12139 samba-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-client-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-client-libs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-common-4.12.5-6.cm2.noarch.rpm 0001-01-01T00:00:00 samba-common-libs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-common-tools-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-devel-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-vfs-cephfs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-vfs-glusterfs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-krb5-printing-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-libs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 libsmbclient-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 libsmbclient-devel-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 libwbclient-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 libwbclient-devel-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-samba-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 python3-samba-test-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-pidl-4.12.5-6.cm2.noarch.rpm 0001-01-01T00:00:00 samba-test-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-test-libs-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-winbind-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-winbind-clients-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-winbind-krb5-locator-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-winbind-modules-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 ctdb-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 ctdb-tests-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 samba-debuginfo-4.12.5-6.cm2.x86_64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.12.5-6 https://nvd.nist.gov/vuln/detail/CVE-2018-1050 12139 samba samba 12140 samba-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-client-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-client-libs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-common-4.12.5-6.cm2.noarch.rpm 0001-01-01T00:00:00 samba-common-libs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-common-tools-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-devel-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-vfs-cephfs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-vfs-glusterfs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-krb5-printing-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-libs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 libsmbclient-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 libsmbclient-devel-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 libwbclient-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 libwbclient-devel-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-samba-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 python3-samba-test-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-pidl-4.12.5-6.cm2.noarch.rpm 0001-01-01T00:00:00 samba-test-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-test-libs-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-winbind-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-winbind-clients-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-winbind-krb5-locator-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-winbind-modules-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 ctdb-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 ctdb-tests-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 samba-debuginfo-4.12.5-6.cm2.aarch64.rpm 0001-01-01T00:00:00 CBL-Mariner 4.12.5-6 https://nvd.nist.gov/vuln/detail/CVE-2018-1050 12140 samba 1.0 2022-01-19T00:00:00 <p>Information published.</p> Windows Hyper-V Security Feature Bypass Vulnerability <p><strong>What configurations or versions could be at risk from this vulnerability?</strong></p> <p>This bypass could affect any Hyper-V configurations that are using Router Guard.</p> <p><strong>What is the exposure if the vulnerability was bypassed?</strong></p> <p>Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router paths.</p> Role: Windows Hyper-V Microsoft Yes CVE-2022-21900 11569 11571 11572 11713 11896 11923 11924 11803 11926 11931 10735 10853 10816 10855 10048 10482 10051 10049 10378 10379 10483 10543 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11713 Security Feature Bypass 11896 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11803 Security Feature Bypass 11926 Security Feature Bypass 11931 Security Feature Bypass 10735 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 10048 Security Feature Bypass 10482 Security Feature Bypass 10051 Security Feature Bypass 10049 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Important 11569 Important 11571 Important 11572 Important 11713 Important 11896 Important 11923 Important 11924 Important 11803 Important 11926 Important 11931 Important 10735 Important 10853 Important 10816 Important 10855 Important 10048 Important 10482 Important 10051 Important 10049 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11569 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11571 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11572 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11713 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11896 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11923 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11924 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11803 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11926 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 11931 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10735 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10853 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10816 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10855 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10048 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10482 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10051 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10049 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10378 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10379 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10483 4.6 4.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11569 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11569 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11569 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11713 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11713 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11803 11931 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 5009566 5009566 https://support.microsoft.com/help/5009566 11926 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11931 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11931 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10853 10816 10855 5009610 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009610 5008244 10048 10051 10049 Yes Monthly Rollup 6.1.7601.25829 https://support.microsoft.com/help/5009610 10048 10051 10049 5009610 5009610 https://support.microsoft.com/help/5009610 10048 10051 10049 5009621 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009621 10048 10051 10049 Yes Security Only 6.1.7601.25829 https://support.microsoft.com/help/5009621 10048 10051 10049 5009621 5009621 https://support.microsoft.com/help/5009621 10048 10051 10049 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10482 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10482 10483 10543 5009586 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009586 5008277 10378 10379 Yes Monthly Rollup 6.2.9200.23584 https://support.microsoft.com/help/5009586 10378 10379 5009586 5009586 https://support.microsoft.com/help/5009586 10378 10379 5009619 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009619 10378 10379 Yes Security Only 6.2.9200.23584 https://support.microsoft.com/help/5009619 10378 10379 5009619 5009619 https://support.microsoft.com/help/5009619 10378 10379 Maxime Villard, of M.O.R.S.E. 1.0 2022-01-11T08:00:00 <p>Information published.</p> Windows Hyper-V Elevation of Privilege Vulnerability <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An authenticated attacker could run a specially crafted application on a vulnerable Hyper-V guest to exploit this vulnerability which, if successful, could potentially interact with processes of another Hyper-V guest hosted on the same Hyper-V host.</p> Role: Windows Hyper-V Microsoft Yes CVE-2022-21901 11569 11571 11572 11713 11896 11923 11924 11803 11926 11930 10735 10853 10816 10855 10482 10483 10543 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11713 Elevation of Privilege 11896 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11803 Elevation of Privilege 11926 Elevation of Privilege 11930 Elevation of Privilege 10735 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10482 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11569 Important 11571 Important 11572 Important 11713 Important 11896 Important 11923 Important 11924 Important 11803 Important 11926 Important 11930 Important 10735 Important 10853 Important 10816 Important 10855 Important 10482 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11713 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11896 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11803 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11926 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10735 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10482 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 9.0 7.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5009557 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 5008218 11569 11571 11572 Yes Security Update 10.0.17763.2452 https://support.microsoft.com/help/5009557 11569 11571 11572 5009557 5009557 https://support.microsoft.com/help/5009557 11569 11571 11572 5009545 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009545 5008206 11713 Yes Security Update 10.0.18363.2037 https://support.microsoft.com/help/5009545 11713 5009545 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11896 Yes Security Update 10.0.19043.1466 https://support.microsoft.com/help/5009543 11896 5009543 5009543 https://support.microsoft.com/help/5009543 11896 11803 11930 5009555 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009555 5008223 11923 11924 Yes Security Update 10.0.20348.469 https://support.microsoft.com/help/5009555 11923 11924 5009555 5009555 https://support.microsoft.com/help/5009555 11923 11924 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11803 Yes Security Update 10.0.19042.1466 https://support.microsoft.com/help/5009543 11803 5009543 5009566 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009566 5008215 11926 Yes Security Update 10.0.22000.434 https://support.microsoft.com/help/5009566 11926 5009566 5009566 https://support.microsoft.com/help/5009566 11926 5009543 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009543 5008212 11930 Yes Security Update 10.0.19044.1466 https://support.microsoft.com/help/5009543 11930 5009543 5009585 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009585 5008230 10735 Yes Security Update 10.0.10240.19177 https://support.microsoft.com/help/5009585 10735 5009585 5009546 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009546 5008207 10853 10816 10855 Yes Security Update 10.0.14393.4886 https://support.microsoft.com/help/5009546 10853 10816 10855 5009546 5009546 https://support.microsoft.com/help/5009546 10853 10816 10855 5009624 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009624 5008263 10482 10483 10543 Yes Monthly Rollup 6.3.9600.20246 https://support.microsoft.com/help/5009624 10482 10483 10543 5009624 5009624 https://support.microsoft.com/help/5009624 10482 10483 10543 5009595 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009595 10482 10483 10543 Yes Security Only 6.3.9600.20246 https://support.microsoft.com/help/5009595 10482 10483 10543 5009595 5009595 https://support.microsoft.com/help/5009595 10482 10483 10543 Maxime Villard, of M.O.R.S.E. 1.0 2022-01-11T08:00:00 <p>Information published.</p>