Vendor: microsoft
Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.
Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.