David Zhu

**Name of the Vulnerable Software and Affected Versions** Windows Universal Plug and Play (UPnP) Device Host (affected versions not specified) **Description** An untrusted pointer dereference in the Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows File Explorer (affected versions not specified) **Description** Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows File Explorer (affected versions not specified) **Description** Exposure of sensitive information in Windows File Explorer allows an authorized attacker to disclose information locally.

**Name of the Vulnerable Software and Affected Versions** Windows File Explorer (affected versions not specified) **Description** Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Remote Procedure Call (affected versions not specified) **Description** An issue in Windows Remote Procedure Call allows an authorized attacker to locally disclose sensitive information. This data leak can be used by attackers to map the system environment. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.