| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally. |
| Improper input validation in Windows Kerberos allows an authorized attacker to elevate privileges over a network. |
| An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. |
| When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST. |
| Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability |
| Windows Cryptographic Information Disclosure Vulnerability |
| Windows Themes Spoofing Vulnerability |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability |
| Windows Virtual Trusted Platform Module Denial of Service Vulnerability |
| Windows Virtual Trusted Platform Module Denial of Service Vulnerability |
| Windows Kerberos Information Disclosure Vulnerability |
| Windows BitLocker Information Disclosure Vulnerability |
| Windows Kerberos Denial of Service Vulnerability |
| Microsoft Surface Security Feature Bypass Vulnerability |
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. |
| Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network. |
