Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV s...

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.