Active Directory Federation Services Elevation of Privilege Vulnerability.
NVD-CWE-noinfo
CVE-2022-30220
Windows Common Log File System Driver Elevation of Privilege Vulnerability.
CVE-2022-30221
Windows Graphics Component Remote Code Execution Vulnerability.
CVE-2022-30222
Windows Shell Remote Code Execution Vulnerability.
CVE-2022-30242
Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller’s function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered.
CVE-2022-30121
The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system.