Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
NVIDIA Omniverse Nucleus and Cache contain a vulnerability in its configuration of OpenSSL, where an attacker with physical access to the system can cause arbitrary code execution which can impact confidentiality, integrity, and availability.
An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly handle Ease of Access dialog.An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.The security update addresses the vulnerability by ensuring that the Ease of Access dialog is handled properly., aka 'Windows Lockscreen Elevation of Privilege Vulnerability'.
An elevation of privilege vulnerability exists when Windows improperly handles errors tied to Remote Access Common Dialog, aka 'Windows Remote Access Common Dialog Elevation of Privilege Vulnerability'.
A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka 'Surface Hub Security Feature Bypass Vulnerability'.
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
Microsoft OneDrive for Android Security Feature Bypass Vulnerability
Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host stack and host class, related to device linked classes, ASIX, Prolific, SWAR, audio, CDC ECM in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Windows Lock Screen Security Feature Bypass Vulnerability
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Secure Boot Security Feature Bypass Vulnerability
BitLocker Security Feature Bypass Vulnerability
Microsoft USBHUB 3.0 Device Driver Remote Code Execution Vulnerability
Azure RTOS Elevation of Privilege Vulnerability
Azure RTOS Elevation of Privilege Vulnerability
Azure RTOS Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website.
Visual Studio Elevation of Privilege Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Improper Access Control in Thales Sentinel Protection Installer could allow a local user to escalate privileges.
Microsoft Office Elevation of Privilege Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Power Automate Desktop Remote Code Execution Vulnerability
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
Microsoft System Center Elevation of Privilege Vulnerability
Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID's on another tenant.
Windows Remote Desktop Services Tampering Vulnerability
Windows Update Stack Elevation of Privilege Vulnerability
Azure DevOps Server Spoofing Vulnerability
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to hijack network traffic or bypass intended Enhanced Protected Mode (EPM) or application container protection mechanisms, and consequently render untrusted content in a browser, by leveraging how NetBIOS validates responses, aka "NetBIOS Spoofing Vulnerability."
Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability.
The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation.
Microsoft Office Visio Remote Code Execution Vulnerability
When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine.