Kategorie: Allgemein

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

Improper limitation of a pathname to a restricted directory (‚path traversal‘) in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.

Improper link resolution before file access (‚link following‘) in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.

Improper neutralization of special elements used in a command (‚command injection‘) in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network.

Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows Kernel allows an authorized attacker to elevate privileges locally.

Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.