Zimi

**Name of the Vulnerable Software and Affected Versions** Intel QAT Driver for Windows versions prior to 1.9.0-0008 **Description** The issue is related to an out-of-bounds write in the software, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 1.9.0-0008, update to version 1.9.0-0008 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Intel QAT Driver for Windows versions prior to 1.9.0-0008 **Description** The issue is an out-of-bounds read that may allow an authenticated user to potentially enable information disclosure via local access. **Recommendations** For versions prior to 1.9.0-0008, update to version 1.9.0-0008 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) NUC 9 Extreme Laptop Kit drivers versions prior to 2.2.0.22 **Description** The issue is related to improper buffer restrictions in some Intel(R) NUC 9 Extreme Laptop Kit drivers, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 2.2.0.22, update to version 2.2.0.22 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Windows NT Lan Manager Datagram Receiver Driver (affected versions not specified) **Description** The issue is related to information disclosure in the NT Lan Manager Datagram Receiver Driver of the Microsoft Windows operating system. It allows an attacker to obtain sensitive information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Ancillary Function Driver for WinSock (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows Ancillary Function Driver for WinSock, which can be exploited to elevate privileges. This could allow an attacker to affect the system. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Intel(R) NUC 9 Extreme Laptop Kits versions prior to 2.2.0.20 Description: The issue is related to improper access control in kernel mode driver, which may allow an authenticated user to potentially enable escalation of privilege via local access. Recommendations: For versions prior to 2.2.0.20, update to version 2.2.0.20 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to weaknesses in the security mechanisms of the NT LAN Manager (NTLM) protocol in the Windows operating system. It may allow an attacker to gain unauthorized access to protected information. The vulnerability can be exploited to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an information disclosure problem in the Windows kernel, which occurs due to improper initialization of a memory address. This can allow an attacker to gain unauthorized access to protected information using a specially crafted application. The vulnerability enables attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an information disclosure problem in the win32k component, which can improperly provide kernel information. This can allow an attacker to obtain sensitive information and potentially affect the system's confidentiality. There is no information provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to errors in the mechanisms for handling objects in memory within the Windows operating system kernel component. This can allow an attacker to disclose protected information. The vulnerability enables attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Windows (affected versions not specified) Description: The issue exists due to errors in handling memory objects. It may allow an attacker to disclose protected information using a specially crafted application. The vulnerability can be exploited to obtain sensitive information and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue is related to improper handling of objects in memory, which can be exploited by a local attacker using a specially crafted application to impact the confidentiality of protected information. This can allow attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue is related to improper handling of objects in memory, which can be exploited by attackers to disclose protected information using a specially crafted application. This can allow attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers **Description** The issue is caused by improper initialization of objects in memory by the Windows kernel, allowing an attacker to disclose protected information using a specially crafted application. This can lead to the exposure of sensitive information. **Recommendations** For Windows 7, apply the recommended patch to fix the improper initialization of objects in memory. For Windows Server 2012 R2, apply the recommended patch to fix the improper initialization of objects in memory. For Windows RT 8.1, apply the recommended patch to fix the improper initialization of objects in memory. For Windows Server 2008, apply the recommended patch to fix the improper initialization of objects in memory. For Windows Server 2012, apply the recommended patch to fix the improper initialization of objects in memory. For Windows 8.1, apply the recommended patch to fix the improper initialization of objects in memory. For Windows Server 2016, apply the recommended patch to fix the improper initialization of objects in memory. For Windows Server 2008 R2, apply the recommended patch to fix the improper initialization of objects in memory. For Windows 10, apply the recommended patch to fix the improper initialization of objects in memory. For Windows 10 Servers, apply the recommended patch to fix the improper initialization of objects in memory.