Kategorie: Allgemein

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows WalletService allows an unauthorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.

Improper neutralization of input during web page generation (‚cross-site scripting‘) in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.

Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.