Horilla is an HR and CRM software. In 1.5.0, the notification endpoints trust the unvalidated next parameter and redirect users to arbitrary external URLs. This allows an attacker to turn trusted application links into phishing or social-engineering redirects.
Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network.
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.
Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally.
Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally.
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally.
Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network.
Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.
External control of file name or path in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network.
Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.
Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.