| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install <bundle> on supported Python 3.10 and 3.11 runtimes. When apm install is given a local .tar.gz that is not recognized as a plugin-format bundle, APM probes whether it is a legacy --format apm bundle. On Python versions earlier than 3.12, that probe extracts untrusted tar members with raw tar.extractall() without rejecting Windows absolute member names such as D:/.... This vulnerability is fixed in 0.13.0. |
| Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally. |
| Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network. |
| Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally. |
| Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network. |
| Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network. |
| Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network. |
| External control of file name or path in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. |
| Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. |
| Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. |
| Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally. |
| Integer underflow (wrap or wraparound) in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
| External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. |
| Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. |
| Stack-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally. |
| Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally. |
| Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally. |
