| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. |
| Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
| Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally. |
| Garlic-Hub manages digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the server to issue arbitrary HTTP requests to internal services via the uploadFromUrl endpoint. This allows internal port scanning, service fingerprinting, and retrieval of internal HTTP responses which are stored in the publicly accessible media pool. This issue has been patched in version 1.1. |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. |
| Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally. |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. |
| Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for privilege escalation if the X server runs as root. |
| Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. |
