| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally. |
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. |
| Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally. |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network. |
| A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration. |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
| Microsoft Xbox Remote Code Execution Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability |
