Autor: Peter Leibling

Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally.

Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network.

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network.

Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.