Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.
Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1. Required Configuration: Only environments with Windows as the underlying operating system is affected by this issue
Windows Local Session Manager (LSM) Denial of Service Vulnerability
Windows Local Security Authority (LSA) Denial of Service Vulnerability
Windows Kernel Memory Information Disclosure Vulnerability
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Kerberos Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Hyper-V Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Windows Digital Media Receiver Elevation of Privilege Vulnerability
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
Windows Digital Media Receiver Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.
Windows OLE Remote Code Execution Vulnerability
Windows Driver Revocation List Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Microsoft Word Security Feature Bypass Vulnerability
Windows MSHTML Platform Security Feature Bypass Vulnerability
Microsoft SharePoint Server Information Disclosure Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Windows Bluetooth Driver Remote Code Execution Vulnerability
Windows Backup Service Elevation of Privilege Vulnerability
Windows iSCSI Target Service Information Disclosure Vulnerability
Windows Bluetooth Driver Information Disclosure Vulnerability
Remote Desktop Client Remote Code Execution Vulnerability
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Remote Procedure Call Runtime Denial of Service Vulnerability
Windows NFS Portmapper Information Disclosure Vulnerability
Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability
Windows NTLM Security Support Provider Information Disclosure Vulnerability
Server for NFS Denial of Service Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Group Policy Security Feature Bypass Vulnerability
Windows Kernel Information Disclosure Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Win32k Elevation of Privilege Vulnerability
Windows Clip Service Elevation of Privilege Vulnerability