Autor: Peter Leibling

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Erlang/OTP ausnutzen, um einen Denial of Service Angriff durchzuführen.

Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in phpMyAdmin ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.

Access of resource using incompatible type (‚type confusion‘) in Microsoft Office allows an unauthorized attacker to execute code locally.

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.