| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use after free in Windows Media allows an authorized attacker to elevate privileges locally. |
| Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. |
| Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network. |
| Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally. |
| Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. |
| Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. |
| Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally. |
| Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. |
| Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. |
| Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. |
| An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc filesystem) of BlackBerry QNX Software Development Platform version(s) 6.5.0 SP1 and earlier could allow an attacker to potentially gain unauthorized access to a chosen process address space. |
| A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue. |
