| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SEMCMS 5.0 is vulnerable to unauthorized access in SEMCMS_copy.php. |
| Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally. |
| Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally. |
| Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to elevate privileges over a network. |
| In the Linux kernel, the following vulnerability has been resolved:
fanotify: fix false positive on permission events
fsnotify_get_mark_safe() may return false for a mark on an unrelated group,
which results in bypassing the permission check.
Fix by skipping over detached marks that are not in the current group. |
| Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally. |
| Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) |
| Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) |
| Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) |
| Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability |
| Microsoft Office Elevation of Privilege Vulnerability |
| WmsRepair Service Elevation of Privilege Vulnerability |
| Remote Desktop Client Remote Code Execution Vulnerability |
| Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft System Center Elevation of Privilege Vulnerability |
| Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network. |
| Visual C++ Redistributable Installer Elevation of Privilege Vulnerability |
| Windows Remote Desktop Services Tampering Vulnerability |
| Windows Netlogon Elevation of Privilege Vulnerability |
| Windows Kerberos Elevation of Privilege Vulnerability |