| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally. |
| Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally. |
| Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. |
| Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. |
| Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. |
| Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally. |
| Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally. |
| Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network. |
| Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network. |
| Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. |
| GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the handling of palette data in AVI files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28854. |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Heap-based buffer overflow in Azure Linux Virtual Machines allows an authorized attacker to elevate privileges locally. |
| Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to execute code over a network. |
| Initialization of a resource with an insecure default in Azure Compute Gallery allows an authorized attacker to disclose information over a network. |
| Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally. |
| Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network. |
| Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally. |
