| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Heap-based buffer overflow in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Windows App Store allows an authorized attacker to elevate privileges locally. |
| Use after free in Graphics Kernel allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Print Driver allows an authorized attacker to elevate privileges locally. |
| Missing authentication for critical function in Windows Spaceport.sys allows an authorized attacker to elevate privileges locally. |
| Integer underflow (wrap or wraparound) in Windows NTFS allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Windows Web Proxy Auto-Discovery Protocol (WPAD) allows an authorized attacker to elevate privileges locally. |
| Allocation of resources without limits or throttling in HTTP/2 allows an unauthorized attacker to deny service over a network. |
| Integer underflow (wrap or wraparound) in Windows DHCP Client allows an unauthorized attacker to elevate privileges over a network. |
| Memory allocation with excessive size value in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. |
| Audition is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Improper link resolution before file access ('link following') in Window PC Manager allows an authorized attacker to elevate privileges locally. |
| Audition is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to execute code locally. |
| Heap-based buffer overflow in Virtual Hard Disk (VHD) Miniport Driver allows an authorized attacker to elevate privileges locally. |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally. |
| Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) |