Cyanbamboo

**Name of the Vulnerable Software and Affected Versions** Windows Hyper-V (affected versions not specified) **Description** A heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally. This issue can also allow remote attackers to execute arbitrary code and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Hyper-V version 11 25H2 Build 26200.7830 **Description** A heap-based buffer overflow exists in the dynamic memory component of Windows Hyper-V. This issue allows an authorized attacker to execute arbitrary code locally, potentially leading to privilege escalation on the host and impacting all guest virtual machines. Some reports also indicate that remote attackers may be able to execute arbitrary code and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Hyper-V (affected versions not specified) **Description** A flaw in input validation within Windows Hyper-V can allow a local attacker to execute code. The issue enables remote attackers to execute arbitrary code and compromise the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Hyper-V (affected versions not specified) **Description** A heap-based buffer overflow exists in Windows Hyper-V. This issue allows a locally authorized attacker to execute code. The vulnerability may also allow remote attackers to execute arbitrary code and impact the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Graphics Kernel (affected versions not specified) **Description** A flaw exists that allows a local attacker to elevate privileges. This is due to a race condition occurring during concurrent execution when accessing a shared resource with improper synchronization. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Versions prior to the fixed version (affected versions not specified) **Description** A flaw exists due to concurrent execution using a shared resource with improper synchronization, creating a race condition in the Graphics Kernel. This allows a local attacker to elevate privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** A use after free issue exists in the Microsoft Graphics Component, potentially allowing a local attacker to elevate privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Win32K - GRFX (affected versions not specified) Description: The issue involves concurrent execution using a shared resource with improper synchronization, specifically a race condition within Windows Win32K - GRFX. This allows an authorized attacker to execute code locally. The vulnerability also allows remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Graphics Component (affected versions not specified) Description: A race condition exists due to concurrent execution using a shared resource with improper synchronization within the Microsoft Graphics Component. This allows an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Win32K - GRFX (affected versions not specified) Description: The issue involves concurrent execution using a shared resource with improper synchronization, specifically a race condition within Windows Win32K - GRFX. This allows an authorized attacker to execute code locally. The vulnerability also allows remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Graphics Kernel (affected versions not specified) Description: A race condition exists due to improper synchronization when using a shared resource during concurrent execution. This allows a local attacker to elevate privileges. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Win32K - GRFX (affected versions not specified) Description: A race condition exists due to improper synchronization when handling concurrent execution using a shared resource within Windows Win32K - GRFX. This allows an authorized attacker to execute code locally. The vulnerability also enables remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows DirectX (affected versions not specified) Description: Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows DirectX (affected versions not specified) Description: A race condition exists in Windows DirectX due to concurrent execution using a shared resource with improper synchronization. This allows an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Graphics Kernel (affected versions not specified) Description: An issue exists in the Graphics Kernel where access of a resource using an incompatible type ('type confusion') can allow an authorized attacker to execute code locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.