| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. |
| Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. |
| Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. |
| Null pointer dereference in Windows DirectX allows an authorized attacker to deny service over a network. |
| Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally. |
| Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally. |
| Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally. |
| Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally. |
| Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally. |
| Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
| Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) |
