14 matches found
CVE-2026-50356
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Windows App Store allows an authorized attacker to elevate privileges locally...
CVE-2026-49784
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Windows App Store allows an authorized attacker to elevate privileges locally...
CVE-2026-49165
Use of uninitialized resource in Microsoft Windows App Store allows an authorized attacker to disclose information locally...
CVE-2026-42900
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows App Store allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-50356
CVE-2026-50356 describes a race-condition in Microsoft Windows App Store caused by concurrent execution using a shared resource with improper synchronization. This allows a locally authenticated attacker to elevate privileges. The fixed details or patch versions are not provided in the connected ...
CVE-2026-49784
Summary: CVE-2026-49784 describes a race condition in the Microsoft Windows App Store caused by concurrent access to a shared resource with improper synchronization. The vulnerability allows an authorized local attacker to elevate privileges. The reported CVSS v3.1 vector is AV:L/AC:H/PR:L/UI:N/S...
CVE-2026-49165 Microsoft Windows App Store Information Disclosure Vulnerability
...
CVE-2026-42900
The CVE-2026-42900 entry concerns a race condition caused by improper synchronization in the Windows App Store. Reported impact is privilege elevation over a network, implying an unauthorized attacker could exploit a timing-related flaw to escalate access. Documents consistently describe a concur...
Microsoft 3D Builder app Multiple Remote Code Execution Vulnerabilities (September 2023)
The version of the Microsoft 3D Builder app installed on the remote Windows host is prior to 20.0.4.0. It is, therefore, affected by multiple remote code execution vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute...
Microsoft Windows App Store 安全漏洞
Microsoft Windows App Store is an application store for downloading software from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows App Store. An attacker can exploit the vulnerability to elevate privileges. The following products and versions are affected:Windows 10...
Microsoft 3D Builder app Multiple Remote Code Execution Vulnerabilities (February 2023)
The version of the Microsoft 3D Builder app installed on the remote Windows host is prior to 20.0.3.0. It is, therefore, affected by multiple unspecified remote code execution vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's...
Microsoft Windows App Store 安全漏洞
Microsoft Windows App Store is an application store for downloading software from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows App Store. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the vendor announcement...
Microsoft Patch Tuesday, April 2022 Edition
Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National...
Microsoft Windows App Store 权限许可和访问控制问题漏洞
Microsoft Windows App Store is an application store for downloading software from Microsoft Corporation USA. A vulnerability exists in the Microsoft Windows App Store with privilege license and access control issues. The following products and editions are affected: Windows 10 Version 20H2 for...