Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.

Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.

Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

Use after free in Windows Shell allows an unauthorized attacker to execute code locally.

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.