#auth

Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.

Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

Use of hard-coded credentials in Azure Local Cluster allows an authorized attacker to disclose information locally.

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.

Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.