Out-of-bounds read in Active Directory Federation Services (AD FS) allows an authorized attacker to disclose information over a network.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Origin validation error in Windows Network Address Translation (NAT) allows an unauthorized attacker to perform spoofing over an adjacent network.
Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.
Use after free in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Wireless Networking allows an authorized attacker to elevate privileges locally.
Uncontrolled resource consumption in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
Use after free in Windows Remote Desktop Services allows an authorized attacker to execute code over a network.
Use after free in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.
Improper access control in Microsoft 365 Copilot for iOS allows an unauthorized attacker to elevate privileges over a network.
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.