| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally. |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally. |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. |
| Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network. |
| Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. |
| Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally. |
| Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. |
| Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
| Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission. |
