| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low) |
| Integer overflow or wraparound in Microsoft Defender allows an unauthorized attacker to execute code locally. |
| Insufficient granularity of access control in Windows StateRepository API allows an authorized attacker to elevate privileges locally. |
| Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB allows an authorized attacker to elevate privileges over a network. |
| Missing authentication for critical function in Windows Server Update Service allows an authorized attacker to elevate privileges over a network. |
| Use after free in Windows Secure Socket Tunneling Protocol (SSTP) allows an unauthorized attacker to execute code over a network. |
| Use after free in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. |
| Improper access control in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. |
| Integer underflow (wrap or wraparound) in Reliable Multicast Transport Driver (RMCAST) allows an unauthorized attacker to execute code over an adjacent network. |
| Buffer over-read in Windows Redirected Drive Buffering allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows Push Notifications allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. |
| Improper link resolution before file access ('link following') in Windows Projected File System allows an authorized attacker to elevate privileges locally. |
| Double free in Microsoft Printer Drivers allows an authorized attacker to elevate privileges locally. |
| Illustrator is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed. |
| Illustrator is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed. |
| Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Incorrect type conversion or cast in Windows Notification allows an authorized attacker to elevate privileges locally. |
| Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |