Kategorie: Allgemein

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.

The vulnerability assigned to this CVE could lead to corruption of guest encrypted memory. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability. Please see the following for…
Weiterlesen

Double free in Windows Shell allows an authorized attacker to elevate privileges locally.

Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.

Untrusted pointer dereference in Windows Win32K – ICOMP allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type (‚type confusion‘) in Windows OLE allows an authorized attacker to elevate privileges locally.