Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.
Use after free in Windows Secure Socket Tunneling Protocol (SSTP) allows an unauthorized attacker to execute code over a network.
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network.
Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Edge (Chromium-based) allows an authorized attacker to disclose information locally.
Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
External control of file name or path in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code allows an unauthorized attacker to execute code locally.