Kap0K

**Nome do software vulnerável e versões afetadas** Microsoft Exchange Server (versões afetadas não especificadas) **Descrição** O problema está relacionado a um elemento de caminho de pesquisa não controlado ao carregar bibliotecas DLL no Microsoft Exchange Server. Isso pode permitir que um invasor remoto execute código arbitrário. Não há informações disponíveis sobre o número estimado de dispositivos potencialmente afetados em todo o mundo ou sobre incidentes reais em que essa vulnerabilidade tenha sido explorada. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Microsoft SharePoint Server (versões afetadas não especificadas) **Descrição** O problema está relacionado à validação insuficiente de entradas no Microsoft SharePoint Server, o que pode ser explorado para executar código arbitrário. Isso pode permitir que um invasor realize ações não autorizadas no sistema. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Windows (versões afetadas não especificadas) **Descrição** O problema está relacionado a um elemento de caminho de pesquisa não controlado no mecanismo OLE do Windows. Isso permite que um invasor remoto execute código arbitrário. Não há informações sobre o número estimado de dispositivos potencialmente afetados em todo o mundo nem sobre incidentes reais em que essa vulnerabilidade tenha sido explorada. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Windows User Interface Application Core (affected versions not specified) **Description** The issue is related to insufficient input validation in the Windows User Interface Application Core, which can be exploited by attackers to execute arbitrary code by loading a specially crafted file. This can allow remote attackers to execute arbitrary code and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The vulnerability is related to insufficient input validation in the Windows Setup Files Cleanup component. It allows remote attackers to execute arbitrary code on the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure RTOS GUIX Studio (affected versions not specified) **Description** The issue is related to insufficient input validation in the Azure RTOS GUIX Studio development environment. Exploitation of this issue may allow an attacker to execute arbitrary code using a specially crafted file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Visual Studio (affected versions not specified) **Description** The issue is related to insufficient input validation in Microsoft Visual Studio, which can allow an attacker to execute arbitrary code. This can potentially lead to remote code execution when processing corrupted PDB files, such as those handled by DiaSymReader.dll. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft PostScript Printer Driver and PCL6 Class Printer Driver (affected versions not specified) **Description** The issue is related to information disclosure in the PostScript Printer Driver (Pscript) and PCL6 Class Printer Driver of Windows operating systems. Exploitation of this issue may allow an attacker to gain unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Update Orchestrator Service (affected versions not specified) **Description** The issue is related to an information disclosure vulnerability in the Windows Update Orchestrator Service of the Windows operating system. This vulnerability can be exploited to allow an attacker to gain unauthorized access to protected information. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient input validation in the Windows OLE technology, which allows binding and embedding objects into other documents and objects. This can lead to remote code execution, enabling an attacker to execute arbitrary code and affect the system. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows PostScript Printer Driver (Pscript) and PCL6 Class Printer Driver (affected versions not specified) **Description** The issue is related to information disclosure. It may allow an attacker to gain unauthorized access to protected information. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows PostScript Printer Driver (Pscript) and PCL6 Class Printer Driver (affected versions not specified) **Description** The issue is related to information disclosure. It may allow an attacker to gain unauthorized access to protected information. The vulnerability can be exploited to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows PostScript Printer Driver (Pscript) and PCL6 Class Printer (affected versions not specified) **Description** The issue is related to insufficient input validation in the PostScript Printer Driver (Pscript) and PCL6 Class Printer of Windows operating systems. This allows a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient protection of internal data in the OLE Automation technology of Windows operating systems. This can allow a remote attacker to gain unauthorized access to protected information. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Online Certificate Status Protocol (OCSP) SnapIn (affected versions not specified) **Description** The issue exists due to insufficient input validation in the implementation of the Online Certificate Status Protocol (OCSP) in Windows. This allows a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft PostScript and PCL6 Class Printer Driver (affected versions not specified) **Description** The issue is related to insufficient protection of service data in the Microsoft PostScript and PCL6 Class Printer Driver, which can be exploited by a remote attacker to gain unauthorized access to protected information. This may allow attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows PostScript Printer Driver (Pscript) and PCL6 Class Printer (affected versions not specified) **Description** The issue is related to insufficient protection of system data in Windows operating systems, specifically affecting PostScript Printer Driver (Pscript) and PCL6 Class Printer. This allows a remote attacker to potentially gain unauthorized access to protected information. The vulnerability can be exploited to obtain sensitive information and impact the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft PostScript and PCL6 Class Printer Driver (affected versions not specified) **Description** The issue is related to an information disclosure vulnerability. It may allow an attacker to gain unauthorized access to protected information. There is no information available about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Geolocation Service (affected versions not specified) **Description** The issue is related to insufficient input validation in the Windows Geolocation Service, which can be exploited by an attacker to execute arbitrary code using a specially crafted file. This can allow remote attackers to execute arbitrary code and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft PostScript Printer Driver (affected versions not specified) **Description** The vulnerability is related to insufficient input validation in the Microsoft PostScript Printer Driver for Windows operating systems. It allows remote attackers to execute arbitrary code by using specially crafted data. This can affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.