| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows TCP/IP Denial of Service Vulnerability |
| Windows TCP/IP Denial of Service Vulnerability |
| Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
| Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally. |
| Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| Windows TCP/IP Denial of Service Vulnerability |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. |
| Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. |
| Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally. |
| A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code.
Exploitation of the vulnerability requires that a program process a specially crafted image file.
The update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory. |
| Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. |
| Windows Address Book Remote Code Execution Vulnerability |
| .NET Framework Remote Code Execution Vulnerability |
| Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally. |
| Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. |
