| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally. |
| Stack-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally. |
| Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network. |
| Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network. |
| Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. |
| Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally. |
| Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. |
| Illustrator versions 29.8.6, 30.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Illustrator versions 29.8.6, 30.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally. |
| Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High) |
| An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section. |
| A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM |
| Illustrator versions 29.8.6, 30.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
