A Server-Side Request Forgery (SSRF) vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server. Successful exploitation of this vulnerabili…

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against re…

Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.

Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.