| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. |
| Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally. |
| Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. |
| Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. |
| Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally. |
| Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network. |
| Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally. |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally. |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. |
| Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network. |
| Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network. |
