Kategorie: Allgemein

Improper link resolution before file access (‚link following‘) in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally.

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.

Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally.

Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows DirectX allows an authorized attacker to elevate privileges locally.

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.

Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally.