Microsoft Vulnerabilities

This vulnerability allows an attacker who has already logged into a Windows 10 system to run malicious code with high-level permissions, potentially letting them install software, access or modify files, or create new user accounts. To exploit it, the attacker needs to run a specially crafted application on the system.

This vulnerability allows an attacker to gather sensitive information from a Windows 10 system that has the Routing and Remote Access feature enabled, potentially leading to further attacks. However, only systems with this feature turned on are at risk, as it is not enabled by default.

This vulnerability allows an attacker to run any code they choose on a victim's computer, potentially giving them full control if the user has administrative rights. To exploit it, the attacker needs the victim to visit a specially crafted website or open a document that uses Internet Explorer's rendering engine.

An attacker can take control of a victim's computer, allowing them to install programs, change or delete files, or create new user accounts with full access. This vulnerability can be exploited if the victim opens a specially crafted document or visits a malicious website.

This vulnerability allows an attacker who is already logged into a Windows 10 system to run a specially crafted application that can give them higher privileges, letting them access sensitive data or control the system. To exploit this flaw, the attacker must have local access to the machine, meaning they need to be physically present or have valid login credentials.

This vulnerability allows an attacker who is already logged into a Windows 10 system to gain higher privileges, potentially letting them take control of the system or access sensitive data. To exploit this, the attacker needs to run a specially crafted application on the targeted machine.

This vulnerability allows an attacker to take control of a Windows 10 system by tricking a user into opening a malicious document or visiting a harmful website. It relies on the Windows Media Audio Codec mishandling certain objects, which can lead to remote code execution if successfully exploited.

This vulnerability allows an attacker to gain full control over a Windows 10 system, enabling them to install programs, delete data, or create new user accounts with full rights. However, the attacker must first log in to the affected system and run a specially crafted script or application to exploit it.

This vulnerability allows an attacker to run their own code on a vulnerable Microsoft Dynamics 365 server, potentially taking control of it. However, the attacker needs to be logged in with permissions to import and export data, and they would exploit this by sending a specially crafted file to the server.

An attacker can take control of a system by exploiting a vulnerability in Microsoft .NET Framework that processes input incorrectly. To do this, they need to upload a specially crafted file to a vulnerable web application.

An attacker can run malicious code on a victim's computer through Visual Studio Code if they trick the victim into cloning a specially crafted project repository and opening it. This is particularly dangerous if the victim has administrative rights, as the attacker could then take full control of the system, install software, or manipulate data.

This vulnerability allows an attacker with local access to a Windows 10 machine to run malicious code with higher permissions, potentially giving them control over the system. To exploit it, the attacker must first be logged into the system and run a specially crafted application.

This vulnerability allows an attacker to bypass authentication and gain unauthorized access to Microsoft SharePoint Server and Skype for Business Server. To exploit it, the attacker needs to modify an OAuth token, which means they must have some level of access to the system to create or alter the token.

This vulnerability allows an attacker to gain higher privileges on a system by loading unauthorized software through the Remote Desktop App for Mac. To exploit this, the attacker needs access to the app, which could happen if the user is tricked into running malicious code.

This vulnerability allows an attacker with local access to a Windows 10 system to run malicious code with higher permissions than they should have. To exploit it, the attacker needs to be logged into the system and run a specially crafted application.

An attacker can gain higher-level permissions on a Windows 10 system, allowing them to execute malicious code. To exploit this vulnerability, the attacker must already have access to the system and run a specially crafted application.

An attacker can take over a user's account by tricking them into visiting a malicious website that steals their login token. This requires the user to click on a specially crafted link, making it crucial for users to be cautious about where they browse.

This vulnerability allows an attacker who has logged into a Windows 10 system to run a specially crafted application that can reveal sensitive information, potentially leading to further attacks on the system. While it doesn't let the attacker execute code or gain higher privileges directly, the leaked information could help them compromise the system in other ways.

This vulnerability allows an attacker to escape from a restricted environment (sandbox) and gain higher privileges on a Windows 10 system, potentially taking full control. To exploit it, the attacker must first log into the system and run a specially crafted application.

This vulnerability allows an attacker to gain full control of a Windows 7 system, enabling them to install programs, alter or delete data, and create new user accounts. However, the attacker must first log in to the system and then run a specially crafted application to exploit the flaw.