Alerts

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent...

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over...

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network.

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.

Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.