Windows DNS Server Remote Code Execution Vulnerability
Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows Group Policy Elevation of Privilege Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Microsoft Exchange Server Security Feature Bypass Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability
This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.
Microsoft Exchange Remote Code Execution Vulnerability
IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. IBM X-Force ID: 271341.
A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.
Windows Domain Name Service Remote Code Execution Vulnerability
Windows Kerberos Elevation of Privilege Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. IBM X-Force ID: 262481.
Microsoft Failover Cluster Remote Code Execution Vulnerability
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
Azure Service Fabric for Linux Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.
During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka "Windows Kernel Data Initialization Vulnerability."
Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code, and in the SMB client implementation in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges, via a crafted SMB Negotiate response, aka "SMB Client Race Condition Vulnerability."
An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'.
Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability."
Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka "SMB Memory Corruption Vulnerability."
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability