| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Microsoft Surface Security Feature Bypass Vulnerability |
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. |
| Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network. |
| Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network. |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. |
| Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network. |
| Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally. |
| Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally. |
| Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally. |
| Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
| A lack of proper input validation in the HTTP processing path in TP-Link Archer BE230 v1.2 (web modules) may allow a crafted request to cause the device’s web service to become unresponsive, resulting in a denial of service condition. A network adjacent attacker with high privileges could cause the device’s web interface to temporarily stop responding until it recovers or is rebooted.
This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420. |
| Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally. |
