A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script during the installation or update of such extension. This affects PostgreSQL versions before 12.4 before 11.9 before 10.14 before 9.6.19 and before 9.5.23.

Windows Sync Host Service Elevation of Privilege Vulnerability

It was found that PostgreSQL versions before 12.4 before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058 in order to execute arbitrary SQL command in the context of the user used for replication.

It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission such as via sudo rules could use this flaw to escalate their privileges.

Microsoft Edge PDF Information Disclosure Vulnerability

A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console calling an ioctl VT_RESIZE which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Skype for Business via Internet Explorer Information Disclosure Vulnerability

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability.

Windows UPnP Device Host Elevation of Privilege Vulnerability

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity confidentiality and availability impacts during the boot process.

Windows Error Reporting Manager Elevation of Privilege Vulnerability