#microsoft

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to have a deep understanding of the system. Successful exploitation is not guaranteed and depends on a combination of factors that might include the environment, system configuration, and the presence of additional security measures.

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

Exposure of sensitive information to an unauthorized actor in Windows Kernel Memory allows an unauthorized attacker to disclose information locally.

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.