Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network.

Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally.

Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally.