Kategorie: Allgemein

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.

External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.

Improper neutralization of special elements used in an sql command (’sql injection‘) in SQL Server allows an authorized attacker to elevate privileges over a network.

Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.

Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network.