| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. |
| Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
| Windows Kernel Elevation of Privilege Vulnerability |
| Remote Desktop Client Remote Code Execution Vulnerability |
| Windows Themes Information Disclosure Vulnerability |
| Microsoft AllJoyn API Denial of Service Vulnerability |
| Microsoft ODBC Driver Remote Code Execution Vulnerability |
| Windows NTFS Information Disclosure Vulnerability |
| Windows Message Queuing Client (MSMQC) Information Disclosure |
| Win32k Elevation of Privilege Vulnerability |
| Windows TCP/IP Information Disclosure Vulnerability |
| Windows HTML Platforms Security Feature Bypass Vulnerability |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability |
| Windows Message Queuing Client (MSMQC) Information Disclosure |
| Win32k Elevation of Privilege Vulnerability |
| An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.
To exploit this vulnerability, an attacker would require unprivileged execution on the victim system.
The security update addresses the vulnerability by correctly validating folder shortcuts. |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.
The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.
The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. |
| An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses the vulnerability by ensuring the Windows NFS properly handles objects in memory. |
