Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network.

Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.

Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.

Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.