Hwiwonl

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange Server (affected versions not specified) **Description** A server-side request forgery (SSRF) allows an authorized attacker to disclose sensitive information over a network and affect the system. SSRF is a flaw where a server is tricked into making requests to an unintended location. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange Server (affected versions not specified) **Description** Improper neutralization of input during web page generation leads to cross-site scripting (XSS), a condition where malicious scripts are injected into trusted websites. Additionally, a server-side request forgery (SSRF) issue exists, which occurs when a server is tricked into making unintended requests to internal or external resources. These flaws allow attackers to perform spoofing over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** A heap-based buffer overflow in the Windows Kernel allows an authorized attacker to elevate privileges locally. A heap-based buffer overflow occurs when a program writes more data to a heap-allocated memory block than it can hold, potentially leading to memory corruption. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** A stack-based buffer overflow in the Windows Kernel allows an authorized attacker to elevate privileges locally. A stack-based buffer overflow occurs when a program writes more data to a buffer located on the stack than the buffer is allocated to hold, potentially overwriting adjacent memory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows versions (affected versions not specified) **Description** A use-after-free issue exists in the Broadcast DVR component. Exploitation of this issue could allow an authorized attacker to elevate privileges locally. The issue involves improper memory management within the Broadcast DVR service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Capability Access Management Service (camsvc) (affected versions not specified) **Description** An out-of-bounds read exists in the Capability Access Management Service (camsvc). A local attacker who is authorized can exploit this to disclose information. The issue allows attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Bluetooth Service (affected versions not specified) Description: A use-after-free issue exists in the Windows Bluetooth Service that could allow an authorized attacker to gain elevated privileges locally. This issue allows attackers to affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows versions (affected versions not specified) Description: A use after free issue exists in Windows PrintWorkflowUserSvc, potentially allowing an authorized attacker to gain elevated privileges locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.