Skip to content

Instantly share code, notes, and snippets.

@clearbluejar

clearbluejar/MSRC July 2022 CVE Charts.md

Last active August 19, 2022 03:59
Show Gist options
  • Save clearbluejar/841d5d0549c56c9268788363eec41773 to your computer and use it in GitHub Desktop.
Save clearbluejar/841d5d0549c56c9268788363eec41773 to your computer and use it in GitHub Desktop.
Download ZIP
MSRC July 2022 CVE Charts
Raw
MSRC July 2022 CVE Charts.md

MSRC July 2022 CVE Charts

pie showData
    title Windows Tags Distribution
    "Azure Site Recovery" : 32
    "Windows Print Spooler Components" : 4
    "Windows Advanced Local Procedure Call" : 3
    "Windows Network File System" : 3
    "Windows Client/Server Runtime Subsystem" : 3
    "Microsoft Graphics Component" : 3
    "Windows IIS" : 3
    "Microsoft Edge (Chromium-based)" : 2
    "Role: Windows Fax Service" : 2
    "Role: Windows Hyper-V" : 2
    "Windows Media" : 2
    "Windows BitLocker" : 2
    "AMD CPU Branch" : 1
    "Windows Server Service" : 1
    "Windows Fast FAT Driver" : 1
    "Windows Portable Device Enumerator Service" : 1
    "Microsoft Defender for Endpoint" : 1
    "Role: DNS Server" : 1
    "Windows Shell" : 1
    "Windows Remote Procedure Call Runtime" : 1
    "Windows Fax and Scan Service" : 1
Loading
Tag CVEs Count
Azure Site Recovery
CVE-2022-33660
CVE-2022-33668
CVE-2022-33657
CVE-2022-33652
CVE-2022-33655
CVE-2022-33672
CVE-2022-33671
CVE-2022-33654
CVE-2022-33674
CVE-2022-33667
CVE-2022-33663
CVE-2022-33662
CVE-2022-33666
CVE-2022-33676
CVE-2022-33677
CVE-2022-33653
CVE-2022-33658
CVE-2022-33642
CVE-2022-33641
CVE-2022-30181
CVE-2022-33664
CVE-2022-33661
CVE-2022-33656
CVE-2022-33669
CVE-2022-33650
CVE-2022-33643
CVE-2022-33675
CVE-2022-33651
CVE-2022-33673
CVE-2022-33665
CVE-2022-33678
CVE-2022-33659
 32
Windows Print Spooler Components
CVE-2022-22022
CVE-2022-30206
CVE-2022-30226
CVE-2022-22041
 4
Windows Advanced Local Procedure Call
CVE-2022-22037
CVE-2022-30202
CVE-2022-30224
 3
Windows Network File System
CVE-2022-22039
CVE-2022-22029
CVE-2022-22028
 3
Windows Client/Server Runtime Subsystem
CVE-2022-22026
CVE-2022-22049
CVE-2022-22047
 3
Microsoft Graphics Component
CVE-2022-30221
CVE-2022-30213
CVE-2022-22034
 3
Windows IIS
CVE-2022-30209
CVE-2022-22040
CVE-2022-22025
 3
Microsoft Edge (Chromium-based)
CVE-2022-2295
CVE-2022-2294
 2
Role: Windows Fax Service
CVE-2022-22024
CVE-2022-22027
 2
Role: Windows Hyper-V
CVE-2022-30223
CVE-2022-22042
 2
Windows Media
CVE-2022-22045
CVE-2022-30225
 2
Windows BitLocker
CVE-2022-22048
CVE-2022-22711
 2
AMD CPU Branch
CVE-2022-23825
 1
Windows Server Service
CVE-2022-30216
 1
Windows Fast FAT Driver
CVE-2022-22043
 1
Windows Portable Device Enumerator Service
CVE-2022-22023
 1
Microsoft Defender for Endpoint
CVE-2022-33637
 1
Role: DNS Server
CVE-2022-30214
 1
Windows Shell
CVE-2022-30222
 1
Windows Remote Procedure Call Runtime
CVE-2022-22038
 1
Windows Fax and Scan Service
CVE-2022-22050
 1 
pie showData
    title Windows Impact Distribution
    "Elevation of Privilege" : 52
    "Remote Code Execution" : 12
    "Information Disclosure" : 10
    "Denial of Service" : 5
    "Security Feature Bypass" : 4
    "None" : 2
    "Tampering" : 2
Loading
Impact CVEs Count
Elevation of Privilege
CVE-2022-33644
CVE-2022-33660
CVE-2022-33668
CVE-2022-30181
CVE-2022-30226
CVE-2022-22037
CVE-2022-33664
CVE-2022-33661
CVE-2022-30209
CVE-2022-22043
CVE-2022-33662
CVE-2022-33657
CVE-2022-22045
CVE-2022-33656
CVE-2022-33669
CVE-2022-33650
CVE-2022-33643
CVE-2022-33666
CVE-2022-33652
CVE-2022-33655
CVE-2022-33675
CVE-2022-30225
CVE-2022-22022
CVE-2022-33651
CVE-2022-33673
CVE-2022-22026
CVE-2022-33677
CVE-2022-30205
CVE-2022-33672
CVE-2022-30224
CVE-2022-33665
CVE-2022-33653
CVE-2022-30206
CVE-2022-33658
CVE-2022-22049
CVE-2022-22041
CVE-2022-30202
CVE-2022-22036
CVE-2022-33671
CVE-2022-33642
CVE-2022-30220
CVE-2022-33641
CVE-2022-22047
CVE-2022-33654
CVE-2022-33674
CVE-2022-22031
CVE-2022-22050
CVE-2022-33659
CVE-2022-22034
CVE-2022-33667
CVE-2022-33663
CVE-2022-30215
 52
Remote Code Execution
CVE-2022-22029
CVE-2022-22024
CVE-2022-30211
CVE-2022-33678
CVE-2022-30214
CVE-2022-33633
CVE-2022-33676
CVE-2022-30222
CVE-2022-22027
CVE-2022-22038
CVE-2022-22039
CVE-2022-30221
 12
Information Disclosure
CVE-2022-23825
CVE-2022-21845
CVE-2022-30213
CVE-2022-22711
CVE-2022-22042
CVE-2022-30187
CVE-2022-22028
CVE-2022-30212
CVE-2022-27776
CVE-2022-30223
 10
Denial of Service
CVE-2022-22040
CVE-2022-30208
CVE-2022-30225
CVE-2022-22043
CVE-2022-22025
 5
Security Feature Bypass
CVE-2022-22048
CVE-2022-22023
CVE-2022-30203
CVE-2022-33632
 4
None
CVE-2022-2295
CVE-2022-2294
 2
Tampering
CVE-2022-30216
CVE-2022-33637
 2
Raw
MSRC July 2022 CVE Table.md
CVE Description Release Date KBs Acknowledgments References CNA
CVE-2022-2295 Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-07-28
https://crbug.com/1336869
https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB/		 chrome-cve-admin@google.com
CVE-2022-2294 Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-07-28
https://crbug.com/1341043
https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB/
http://www.openwall.com/lists/oss-security/2022/07/28/2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7/		 chrome-cve-admin@google.com
CVE-2022-23825 Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. 2022-07-14
10.0.20348.825 - KB5015827
 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/
https://www.debian.org/security/2022/dsa-5184
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLSRW4LLTAT3CZMOYVNTC7YIYGX3KLED/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/		 psirt@amd.com
CVE-2022-30216 Windows Server Service Tampering Vulnerability. 2022-07-12
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
 Ben Barnea with Akamai Technologies https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30216 secure@microsoft.com
CVE-2022-33660 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
William Söderberg with WithSecure https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33660 secure@microsoft.com
CVE-2022-33668 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33668 secure@microsoft.com
CVE-2022-22037 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Jarvis_1oop https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22037 secure@microsoft.com
CVE-2022-22043 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Thunder_J and Boxer with Vulnerability Research Institute https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22043 secure@microsoft.com
CVE-2022-33657 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
21
William Söderberg with WithSecure		 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33657 secure@microsoft.com
CVE-2022-33652 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33652 secure@microsoft.com
CVE-2022-22023 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22023 secure@microsoft.com
CVE-2022-33655 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33655 secure@microsoft.com
CVE-2022-22039 Windows Network File System Remote Code Execution Vulnerability. 2022-07-12
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.20348.825 - KB5015827
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Yuki Chen with Cyber KunLun https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22039 secure@microsoft.com
CVE-2022-22026 Windows CSRSS Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Sergei Glazunov with Google Project Zero https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22026
http://packetstormsecurity.com/files/168068/Windows-sxs-CNodeFactory-XMLParser_Element_doc_assembly_assemblyIdentity-Heap-Buffer-Overflow.html		 secure@microsoft.com
CVE-2022-33672 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33672 secure@microsoft.com
CVE-2022-33637 Microsoft Defender for Endpoint Tampering Vulnerability. 2022-07-12
James Sharpe with Zenotech Ltd https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33637 secure@microsoft.com
CVE-2022-33671 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33671 secure@microsoft.com
CVE-2022-22024 Windows Fax Service Remote Code Execution Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Xuefeng Li with Sangfor https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22024 secure@microsoft.com
CVE-2022-33654 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33654 secure@microsoft.com
CVE-2022-33674 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33674 secure@microsoft.com
CVE-2022-33667 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33667 secure@microsoft.com
CVE-2022-33663 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33663 secure@microsoft.com
CVE-2022-30221 Windows Graphics Component Remote Code Execution Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Colas Le Guernic, Jeremy Rubert, and Anonymous with Thalium https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30221 secure@microsoft.com
CVE-2022-22027 Windows Fax Service Remote Code Execution Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 TJ with FuzzWorks https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22027 secure@microsoft.com
CVE-2022-33662 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33662 secure@microsoft.com
CVE-2022-30223 Windows Hyper-V Information Disclosure Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 luoquan https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30223 secure@microsoft.com
CVE-2022-22045 Windows.Devices.Picker.dll Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22045 secure@microsoft.com
CVE-2022-33666 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33666 secure@microsoft.com
CVE-2022-33676 Azure Site Recovery Remote Code Execution Vulnerability. 2022-07-12
William Söderberg with WithSecure https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33676 secure@microsoft.com
CVE-2022-30225 Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 JIWO Technology Co., Ltd https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30225 secure@microsoft.com
CVE-2022-22022 Windows Print Spooler Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Xuefeng Li with Sangfor
Zhiniang Peng with Sangfor		 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22022 secure@microsoft.com
CVE-2022-33677 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
William Söderberg with WithSecure https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33677 secure@microsoft.com
CVE-2022-33653 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33653 secure@microsoft.com
CVE-2022-30206 Windows Print Spooler Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Victor Mata with FusionX, Accenture Security
luckyu with NSFOCUS TIANYUAN LAB		 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30206 secure@microsoft.com
CVE-2022-33658 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
William Söderberg with WithSecure https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33658 secure@microsoft.com
CVE-2022-30214 Windows DNS Server Remote Code Execution Vulnerability. 2022-07-12
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.20348.825 - KB5015827
 George Hughey with MSRC Vulnerabilities and Mitigations https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30214 secure@microsoft.com
CVE-2022-30202 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Jarvis_1oop https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30202 secure@microsoft.com
CVE-2022-30222 Windows Shell Remote Code Execution Vulnerability. 2022-07-12
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
 Krzysztof Andrusiak https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30222 secure@microsoft.com
CVE-2022-22038 Remote Procedure Call Runtime Remote Code Execution Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Yuki Chen with Cyber KunLun https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22038 secure@microsoft.com
CVE-2022-33642 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33642 secure@microsoft.com
CVE-2022-33641 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
William Söderberg with WithSecure
Anonymous		 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33641 secure@microsoft.com
CVE-2022-22050 Windows Fax Service Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Xuefeng Li and Zhiniang Peng with Sangfor https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22050 secure@microsoft.com
CVE-2022-30203 Windows Boot Manager Security Feature Bypass Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Zammis Clark https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30203 secure@microsoft.com
CVE-2022-30208 Windows Security Account Manager (SAM) Denial of Service Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 bee13oy with Cyber Kunlun Lab https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30208 secure@microsoft.com
CVE-2022-30212 Windows Connected Devices Platform Service Information Disclosure Vulnerability. 2022-07-12
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
 JIWO Technology Co., Ltd https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30212 secure@microsoft.com
CVE-2022-22048 BitLocker Security Feature Bypass Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Zammis Clark https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22048 secure@microsoft.com
CVE-2022-22029 Windows Network File System Remote Code Execution Vulnerability. 2022-07-12
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.20348.825 - KB5015827
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Yuki Chen with Cyber KunLun https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22029 secure@microsoft.com
CVE-2022-30181 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
William Söderberg with WithSecure
21		 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30181 secure@microsoft.com
CVE-2022-30226 Windows Print Spooler Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Xuefeng Li with Sangfor
Zhiniang Peng with Sangfor		 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30226 secure@microsoft.com
CVE-2022-33664 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33664 secure@microsoft.com
CVE-2022-33633 Skype for Business and Lync Remote Code Execution Vulnerability. 2022-07-12
Yiming Xiang with NSFOCUS TIANJI LAB https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33633 secure@microsoft.com
CVE-2022-33661 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33661 secure@microsoft.com
CVE-2022-30209 Windows IIS Server Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Orange Tsai (@orange_8361) with DEVCORE https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30209 secure@microsoft.com
CVE-2022-33632 Microsoft Office Security Feature Bypass Vulnerability. 2022-07-12
Nathan Shomber of Microsoft https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33632 secure@microsoft.com
CVE-2022-33656 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33656 secure@microsoft.com
CVE-2022-33669 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33669 secure@microsoft.com
CVE-2022-33650 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33650 secure@microsoft.com
CVE-2022-33643 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33643 secure@microsoft.com
CVE-2022-33675 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Jimi Sebree with Tenable https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33675 secure@microsoft.com
CVE-2022-33651 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33651 secure@microsoft.com
CVE-2022-33673 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33673 secure@microsoft.com
CVE-2022-30224 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Jarvis_1oop https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30224 secure@microsoft.com
CVE-2022-33665 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
Anonymous https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33665 secure@microsoft.com
CVE-2022-21845 Windows Kernel Information Disclosure Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21845 secure@microsoft.com
CVE-2022-22049 Windows CSRSS Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Sergei Glazunov with Google Project Zero https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22049
http://packetstormsecurity.com/files/168069/Windows-sxssrv-BaseSrvActivationContextCacheDuplicateUnicodeString-Heap-Buffer-Overflow.html		 secure@microsoft.com
CVE-2022-22041 Windows Print Spooler Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 JeongOh Kyea with THEORI https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22041 secure@microsoft.com
CVE-2022-22711 Windows BitLocker Information Disclosure Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22711 secure@microsoft.com
CVE-2022-22036 Performance Counters for Windows Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 RyeLv (@b2ahex) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22036 secure@microsoft.com
CVE-2022-30220 Windows Common Log File System Driver Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Thunder_J and Boxer with Vulnerability Research Institute
Boxer with Vulnerability Research Institute		 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30220 secure@microsoft.com
CVE-2022-22028 Windows Network File System Information Disclosure Vulnerability. 2022-07-12
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.20348.825 - KB5015827
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Yuki Chen with Cyber KunLun https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22028 secure@microsoft.com
CVE-2022-22047 Windows CSRSS Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Microsoft Threat Intelligence Center (MSTIC) Microsoft Security Response Center (MSRC) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22047 secure@microsoft.com
CVE-2022-30211 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Alex Nichols with Nettitude https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30211 secure@microsoft.com
CVE-2022-33678 Azure Site Recovery Remote Code Execution Vulnerability. 2022-07-12
William Söderberg with WithSecure https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33678 secure@microsoft.com
CVE-2022-22042 Windows Hyper-V Information Disclosure Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Luoquan https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22042 secure@microsoft.com
CVE-2022-33644 Xbox Live Save Service Elevation of Privilege Vulnerability. 2022-07-12
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
 Jarvis_1oop https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33644 secure@microsoft.com
CVE-2022-22040 Internet Information Services Dynamic Compression Module Denial of Service Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Orange Tsai (@orange_8361) with DEVCORE https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22040 secure@microsoft.com
CVE-2022-22025 Windows Internet Information Services Cachuri Module Denial of Service Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Orange Tsai (@orange_8361) with DEVCORE https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22025 secure@microsoft.com
CVE-2022-30213 Windows GDI+ Information Disclosure Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 willJ of vulnerability research institute https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30213 secure@microsoft.com
CVE-2022-30205 Windows Group Policy Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Matthieu Buffet https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30205 secure@microsoft.com
CVE-2022-22031 Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
 James Forshaw with Google Project Zero https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22031
http://packetstormsecurity.com/files/168094/Windows-Credential-Guard-Domain-Joined-Device-Public-Key-Privilege-Escalation.html		 secure@microsoft.com
CVE-2022-33659 Azure Site Recovery Elevation of Privilege Vulnerability. 2022-07-12
21
William Söderberg with WithSecure		 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33659 secure@microsoft.com
CVE-2022-22034 Windows Graphics Component Elevation of Privilege Vulnerability. 2022-07-12
10.0.10240.19360 - KB5015832
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.19043.1826 - KB5015807
10.0.19044.1826 - KB5015807
10.0.20348.825 - KB5015827
10.0.22000.795 - KB5015814
6.0.6003.21569 - KB5015866
6.0.6003.21569 - KB5015870
6.1.7601.26022 - KB5015861
6.1.7601.26022 - KB5015862
6.2.9200.23771 - KB5015863
6.2.9200.23771 - KB5015875
6.3.9600.20478 - KB5015874
6.3.9600.20478 - KB5015877
 Marcin Wiazowski working with Trend Micro Zero Day Initiative https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22034 secure@microsoft.com
CVE-2022-30187 Azure Storage Library Information Disclosure Vulnerability. 2022-07-12
Sophie Schmieg with Google https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30187 secure@microsoft.com
CVE-2022-30215 Active Directory Federation Services Elevation of Privilege Vulnerability. 2022-07-12
10.0.14393.5246 - KB5015808
10.0.17763.3165 - KB5015811
10.0.19042.1826 - KB5015807
10.0.20348.825 - KB5015827
 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30215 secure@microsoft.com
CVE-2022-27776 A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. 2022-06-02
https://hackerone.com/reports/1547048
https://security.netapp.com/advisory/ntap-20220609-0008/
https://www.debian.org/security/2022/dsa-5197		 cve-assignments@hackerone.com
Raw
MSRC July 2022 CWE Distribution.md 
pie showData
    title 2022-Jul- CWE Distribution
    "NVD-CWE-noinfo" : 50
    "CWE-269" : 13
    "CWE-668" : 7
    "CWE-94" : 4
    "CWE-362" : 3
    "CWE-863" : 2
    "CWE-843" : 1
    "CWE-787" : 1
    "CWE-434" : 1
    "NVD-CWE-Other" : 1
    "CWE-400" : 1
    "CWE-522" : 1
Loading
CWE Description CVEs Count
NVD-CWE-noinfo None
CVE-2022-33660
CVE-2022-33668
CVE-2022-33657
CVE-2022-33652
CVE-2022-33655
CVE-2022-33672
CVE-2022-33637
CVE-2022-33671
CVE-2022-22024
CVE-2022-33654
CVE-2022-33674
CVE-2022-33667
CVE-2022-33663
CVE-2022-30221
CVE-2022-33662
CVE-2022-33666
CVE-2022-33676
CVE-2022-22022
CVE-2022-33677
CVE-2022-33653
CVE-2022-30206
CVE-2022-33658
CVE-2022-30202
CVE-2022-30222
CVE-2022-33642
CVE-2022-33641
CVE-2022-22050
CVE-2022-30203
CVE-2022-30208
CVE-2022-33664
CVE-2022-33633
CVE-2022-33661
CVE-2022-30209
CVE-2022-33656
CVE-2022-33669
CVE-2022-33650
CVE-2022-33643
CVE-2022-33675
CVE-2022-33651
CVE-2022-33673
CVE-2022-33665
CVE-2022-22049
CVE-2022-30220
CVE-2022-30211
CVE-2022-33678
CVE-2022-33644
CVE-2022-22025
CVE-2022-30213
CVE-2022-33659
CVE-2022-30215
 50
CWE-269 Improper Privilege Management
CVE-2022-22037
CVE-2022-22043
CVE-2022-22026
CVE-2022-22045
CVE-2022-30225
CVE-2022-30181
CVE-2022-30226
CVE-2022-30224
CVE-2022-22041
CVE-2022-22036
CVE-2022-22047
CVE-2022-22031
CVE-2022-22034
 13
CWE-668 Exposure of Resource to Wrong Sphere
CVE-2022-23825
CVE-2022-30223
CVE-2022-21845
CVE-2022-22711
CVE-2022-22028
CVE-2022-22042
CVE-2022-30187
 7
CWE-94 Improper Control of Generation of Code ('Code Injection')
CVE-2022-22039
CVE-2022-22027
CVE-2022-22038
CVE-2022-22029
 4
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-30214
CVE-2022-30212
CVE-2022-30205
 3
CWE-863 Incorrect Authorization
CVE-2022-22048
CVE-2022-33632
 2
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2022-2295
 1
CWE-787 Out-of-bounds Write
CVE-2022-2294
 1
CWE-434 Unrestricted Upload of File with Dangerous Type
CVE-2022-30216
 1
NVD-CWE-Other None
CVE-2022-22023
 1
CWE-400 Uncontrolled Resource Consumption
CVE-2022-22040
 1
CWE-522 Insufficiently Protected Credentials
CVE-2022-27776
 1 
pie showData
    title 2022-Jul- CNA Distribution
    "secure@microsoft.com" : 81
    "chrome-cve-admin@google.com" : 2
    "psirt@amd.com" : 1
    "cve-assignments@hackerone.com" : 1
Loading 
pie showData
    title 2022-Jul- CPE Distribution
    "microsoft:windows_10" : 597
    "microsoft:windows_server_2008" : 94
    "microsoft:windows_server_2016" : 81
    "microsoft:windows_11" : 76
    "microsoft:windows_server_2012" : 74
    "microsoft:windows_8.1" : 63
    "microsoft:windows_7" : 60
    "microsoft:windows_server_2022" : 44
    "microsoft:windows_server_2019" : 43
    "microsoft:windows_rt_8.1" : 30
    "microsoft:azure_site_recovery_vmware_to_azure" : 30
    "vmware:esxi" : 15
    "microsoft:office" : 7
    "fedoraproject:fedora" : 6
    "microsoft:azure_storage_blobs" : 3
    "microsoft:azure_site_recovery" : 2
    "fedoraproject:extra_packages_for_enterprise_linux" : 2
    "microsoft:azure_storage_queue" : 2
    "microsoft:office_long_term_servicing_channel" : 2
    "microsoft:365_apps" : 2
    "google:chrome" : 2
    "microsoft:skype_for_business" : 2
    "microsoft:lync_server" : 1
    "webkitgtk:webkitgtk" : 1
    "wpewebkit:wpe_webkit" : 1
    "microsoft:defender_for_endpoint" : 1
    "debian:debian_linux" : 1
    "haxx:curl" : 1
Loading
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment