Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
Execution with unnecessary privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network.
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.
Insufficient granularity of access control in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.
Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
