13 matches found
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to improper bounds checking in memory operations. An attacker can execute arbitrary code or escalate privileges by supplying crafted input to the affected process. Remediation Upgrade...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to improper bounds checking in memory operations. An attacker can execute arbitrary code or escalate privileges by supplying crafted input to the affected process. Remediation Upgrade...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper validation of user-supplied input in the authentication process. An attacker can gain elevated privileges by providing crafted input during local interaction. Remediation Upgrade...
Improper Control of Generation of Code ('Code Injection')
Overview Affected versions of this package are vulnerable to Improper Control of Generation of Code 'Code Injection' due to improper handling of object lifecycles during the failure of CPimcManager object creation. An attacker can execute arbitrary code on the target system by convincing a user t...
Improper Control of Generation of Code ('Code Injection')
Overview Affected versions of this package are vulnerable to Improper Control of Generation of Code 'Code Injection' due to improper handling of object lifecycles during the failure of CPimcManager object creation. An attacker can execute arbitrary code on the target system by convincing a user t...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege EoP and code execution. Remediation Upgrade...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege EoP and code execution. Remediation Upgrade...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege EoP and code execution. Remediation Upgrade...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in how WPF applications load and render XPS documents which may result in remote code execution. Remediation Upgrade Microsoft.WindowsDesktop.App.Runtime.win-arm64 to version 6.0.18, 7.0...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in how WPF applications load and render XPS documents which may result in remote code execution. Remediation Upgrade Microsoft.WindowsDesktop.App.Runtime.win-x86 to version 6.0.18, 7.0.7...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE such that a malicious actor could cause a user to run arbitrary code as a result of parsing maliciously crafted xps files. Remediation Upgrade Microsoft.WindowsDesktop.App.Runtime.win-x86 to version 3.1.32,...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE such that a malicious actor could cause a user to run arbitrary code as a result of parsing maliciously crafted xps files. Remediation Upgrade Microsoft.WindowsDesktop.App.Runtime.win-arm64 to version 6.0.12,...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE such that a malicious actor could cause a user to run arbitrary code as a result of parsing maliciously crafted xps files. Remediation Upgrade Microsoft.WindowsDesktop.App.Runtime.win-x64 to version 3.1.32,...