Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack.
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.
Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.
Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally.
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally.
Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.
Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access.
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges locally.
Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.
Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally.
Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.