Autor: Peter Leibling

Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen im TYPO3 Core ausnutzen, um Phishing-Angriffe durchzuführen, vertrauliche Informationen offenzulegen, Daten zu manipulieren, Sicherheitsmaßnahmen zu umgehen und einen Denial-of-Service-Zustand zu verursachen.

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Information published.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Improper neutralization of special elements used in a command (‚command injection‘) in SQL Server allows an authorized attacker to elevate privileges over a network.