An arbitrary privileged file move operation exists in Microsoft Windows Service Tracing. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.



To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.



The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.

Integard Pro is prone to a buffer overflow when handling a specially crafted HTTP POST request.

The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.

.NET deserialization vulnerability in the Microsoft Exchange Control Panel web page allows authenticated attackers to execute OS commands with SYSTEM privileges.

The lack of randomization in the validationKey and decryptionKey values at installation allows an attacker to create a crafted viewstate to execute OS commands via .NET deserialization.

This update adds the CVE number.

A deserialization vulnerability in Microsoft SQL Server Reporting Services allows an authenticated attacker to execute arbitrary commands in the context of the Report Server service account.

This module exploits a buffer overflow vulnerability in Viper RGB MsIo64.sys vulnerability allows unprivileged local users to execute code with SYSTEM privileges.

The IOCTL Codes 0x80102050 and 0x80102054 allow a low privileges user to read/write 1/2/4 bytes from/to an IO port. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.



To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.



The update addresses this vulnerability by correcting unprotected COM calls.

This module uses an authentication bypass and a SQL injection vulnerability in order to upload and execute a JSP file in the Wildfly virtual file system webapps directory.



This update fixes OS detection when detecting DCNM version.