Vulnerabilities in Microsoft Windows

Microsoft has fixed a large number of vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to various categories of damage, as described in the tables below. Among these vulnerabilities are about six very serious ones, which Microsoft ha...

CHIYU TCP/IP Converter - Carriage Return Line Feed Injection

CHIYU TCP/IP Converter BF-430, BF-431, and BF-450 are susceptible to carriage return line feed injection. The redirect= parameter, available on multiple CGI components, is not properly validated, thus enabling an attacker to obtain sensitive information, modify data, and/or execute unauthorized...

CVE-2026-9401 Edimax BR-6675nD POST Request formWanTcpipSetup buffer overflow

A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to buffer overflow. The attack can be initiated remotely. The exploit...

CVE-2026-40399

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

CVE-2026-33837

Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

CVE-2026-40406

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network...

CVE-2026-34334

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

CVE-2026-40413

Technical details about CVE-2026-40413, including affected products, vulnerable components, root cause, impact, and fixes, are not publicly provided in the connected documents. Monitor official advisories for updates.

CVE-2026-34334 Windows TCP/IP Elevation of Privilege Vulnerability

...

CVE-2026-40414

CVE-2026-40414 describes a null pointer dereference in the Windows TCP/IP stack that can cause a denial of service over an adjacent network. Affected software is Windows TCP/IP; root cause is a null pointer dereference. Impact is limited to availability (denial) with no confidentiality or integri...

CVE-2026-40405

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network...

CVE-2026-40399

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

CVE-2026-40399 Windows TCP/IP Elevation of Privilege Vulnerability

...

CVE-2026-35422

Technical details for CVE-2026-35422 (affected components, root cause, impact, or patch) are not provided in the connected documents. Monitor for authoritative updates from official sources.

Windows TCP/IP Remote Code Execution Vulnerability

Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network...

PT-2026-40215

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally...

PT-2026-40223

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network...

Microsoft Windows TCP/IP 代码问题漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There are code-related vulnerabilities in Microsoft Windows TCP/IP. Attackers can exploit these vulnerabilities to cause system denial-of-service attacks. The followin...

Microsoft Windows TCP/IP 资源管理错误漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There is a resource management vulnerability in Microsoft Windows TCP/IP. The following products and versions are affected: Windows 10 Version 1809 for 32-bit systems,...

PT-2026-40167

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...