| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
| Memory corruption due to improper bounds check while command handling in camera-kernel driver. |
| Memory corruption while processing escape code, when DisplayId is passed with large unsigned value. |
| Memory corruption while processing escape code in API. |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. |
| Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality. |
| Memory corruption due to global buffer overflow when a test command uses an invalid payload type. |
| Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing. |
| Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. |
| Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. |
| Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. |
| An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.
The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. |
| Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
