| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00435343; Issue ID: MSV-4040. |
| Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally. |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00432680; Issue ID: MSV-3949. |
| Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally. |
| Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. |
| Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally. |
| Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability |
| Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges. |
