Autor: Peter Leibling

Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network.

Improper link resolution before file access (‚link following‘) in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally.

Inconsistent interpretation of http requests (‚http request/response smuggling‘) in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally.

Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um Daten zu manipulieren oder einen Denial of Service herbeizuführen.