Windows Network Connections Service Elevation of Privilege Vulnerability

Windows Network Connections Service Elevation of Privilege Vulnerability

Windows Kernel Information Disclosure Vulnerability

Microsoft Windows Codecs Library Remote Code Execution Vulnerability

Windows Update Stack Elevation of Privilege Vulnerability

Windows Subsystem for Linux Elevation of Privilege Vulnerability

Windows Runtime Elevation of Privilege Vulnerability

LNK Remote Code Execution Vulnerability

Windows Error Reporting Information Disclosure Vulnerability

Windows Kernel Information Disclosure Vulnerability

Windows Diagnostics Hub Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability

Windows Runtime Elevation of Privilege Vulnerability

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.

Windows Runtime Elevation of Privilege Vulnerability

An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.