Autor: Peter Leibling

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows Win32K – GRFX allows an authorized attacker to execute code locally.

Access of resource using incompatible type (‚type confusion‘) in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an unauthorized attacker to execute code over a network.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows Win32K – GRFX allows an authorized attacker to execute code locally.

Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows Connected Devices Platform Service allows an authorized attacker to deny service locally.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in SQL Server allows an authorized attacker to disclose information over a network.