Integer underflow (wrap or wraparound) in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Insufficient granularity of access control in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.