Kategorie: Allgemein

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally.

Improper neutralization of special elements used in an sql command (’sql injection‘) in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges locally.

Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Uncaught exception in Microsoft Office allows an unauthorized attacker to deny service locally.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.