Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network.
Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We ...
Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.