Autor: Peter Leibling

Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.

Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.

Use after free in Windows Shell allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

HCL warnt vor teils kritischen Sicherheitslücken. Updates stehen für BigFix, DevOps, Traveler und Connections bereit.

Ein lokaler Angreifer kann eine Schwachstelle in ESET NOD32 Antivirus ausnutzen, um beliebigen Programmcode auszuführen.

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Siemens SIMATIC S7 ausnutzen, um einen Denial of Service Angriff durchzuführen.