Sicherheitswarnungen

.NET and Visual Studio Denial of Service Vulnerability

.NET Framework Information Disclosure Vulnerability

Azure Data Studio Elevation of Privilege Vulnerability

Azure SDK Spoofing Vulnerability

cifs: Fix UAF in cifs_demultiplex_thread()

Comments in display names are incorrectly handled in net/mail

drm/amd/display: Wake DMCUB before executing GPINT commands

drm/msm/dpu: Add mutex lock in control vblank irq

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

In Fluent Bit 2.1.8 through 2.2.1 a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly.

jfs: fix array-index-out-of-bounds in dbAdjTree

Libdwarf: crashes randomly on fuzzed object

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

Microsoft AllJoyn API Denial of Service Vulnerability

Microsoft Authenticator Elevation of Privilege Vulnerability

Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

Microsoft Office Elevation of Privilege Vulnerability

Microsoft QUIC Denial of Service Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability

Mismatched Memory Management Routines in Wireshark

NTFS Elevation of Privilege Vulnerability

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

Outlook for Android Information Disclosure Vulnerability

reiserfs: Avoid touching renamed directory if parent does not change

sh: push-switch: Reorder cleanup operations to avoid use-after-free bug

Skype for Consumer Remote Code Execution Vulnerability

Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability

Unixodbc: out of bounds stack write due to pointer-to-integer types conversion

Visual Studio Code Elevation of Privilege Vulnerability

webpack-dev-middleware Path Traversal vulnerability

Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability

Windows Error Reporting Service Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Windows Hyper-V Remote Code Execution Vulnerability

Windows Installer Elevation of Privilege Vulnerability

Windows Kerberos Security Feature Bypass Vulnerability