Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized...
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.
External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
