win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle window messaging, which allows local users to gain privileges via a crafted application that calls the PostMessage function, aka "PostMessage Function Vulnerability."
DeepSpeed Remote Code Execution Vulnerability
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Windows 7 allows local users to gain privileges via a crafted application, aka "Win32k Double Free Vulnerability."
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access.
Windows Cryptographic Services Remote Code Execution Vulnerability
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Raw Image Extension Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally.
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. (Chromium security severity: High)
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network.
Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Windows Telephony Server Elevation of Privilege Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Libarchive Remote Code Execution Vulnerability
Windows CSC Service Elevation of Privilege Vulnerability
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
DHCP Server Service Remote Code Execution Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
DHCP Server Service Remote Code Execution Vulnerability
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Windows Kernel Remote Code Execution Vulnerability