Kategorie: Allgemein

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.

[CVE-2026-26030](https://www.cve.org/CVERecord?id=CVE-2026-26030) is a Remote Code Execution vulnerability that has been identified in Microsoft Semantic Kernel Python SDK, specifically within the InMemoryVectorStore filter functionality. GitHub created this CVE on their behalf. GitHub created this CVE on their behalf. This document incorporates updates in the Microsoft Semantic Kernel Repository which address this vulnerability. Please see [CVE-2026-26030](https://www.cve.org/CVERecord?id=CVE-2026-26030) for…
Weiterlesen

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.

External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.

Improper neutralization of special elements used in an sql command (’sql injection‘) in SQL Server allows an authorized attacker to elevate privileges over a network.

Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.

Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network.

Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack.