Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.

External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally.

Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits.

Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.