| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use after free in Windows Media allows an authorized attacker to elevate privileges locally. |
| Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network. |
| Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally. |
| Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. |
| Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. |
| Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. |
| Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. |
| A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue. |
| Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads. |
| Memory corruption while processing memory map or unmap IOCTL operations simultaneously. |
| memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed. |
| Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently. |
| Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. |
