| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465153; Issue ID: MSV-4927. |
| Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability |
| IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally. |
| Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently. |
| Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. |
| Memory Corruption when multiple threads simultaneously access a memory free API. |
| Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. |
| Memory corruption when calculating oversized partition sizes without proper checks. |
| Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. |
| Memory corruption while calculating offset from partition start point. |
| Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally. |
| Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input. |
| Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally. |
| Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors. |
| Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network. |
| Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers. |
| Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. |
| Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters. |
| Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. |
