Mateusz Jurczyk

**Name of the Vulnerable Software and Affected Versions** libimagecodec.quram.so versions prior to SMR Jan-2026 Release 1 **Description** An out-of-bounds read issue exists in libimagecodec.quram.so. This allows a remote attacker to access memory outside of the intended boundaries. The issue is present in versions prior to SMR Jan-2026 Release 1. **Recommendations** Update libimagecodec.quram.so to SMR Jan-2026 Release 1 or later.

**Name of the Vulnerable Software and Affected Versions** Windows Cloud Files Mini Filter Driver (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the Windows Cloud Files Mini Filter Driver, which is associated with synchronization errors. Exploitation of this issue may allow an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Registry versions prior to the fixed version **Description** The issue is related to an elevation-of-privilege vulnerability in the Windows Registry, which can be exploited to gain elevated privileges on the system. This vulnerability is associated with an integer overflow. The estimated number of potentially affected devices is not specified. **Recommendations** As a temporary workaround, consider restricting access to the Windows Registry until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified) Description: The issue is related to a Windows Registry Elevation of Privilege vulnerability, which is caused by errors in synchronization when using a shared resource. This vulnerability can be exploited to gain SYSTEM-level access on unpatched Windows machines. A proof-of-concept (PoC) exploit code has been released. The flaw exploits a design oversight and allows attackers to affect the system. Microsoft addressed this issue in November 2024. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows Kernel, which can be exploited to bypass security restrictions and elevate privileges. This allows an attacker to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to insufficient protection of internal data in the Windows operating system kernel. It allows attackers to obtain sensitive information and potentially affect the system. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an elevation-of-privilege vulnerability in the Windows Kernel, which is associated with insufficient access control. This vulnerability can be exploited by an attacker to bypass security restrictions and elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to insufficient input validation in the Windows Kernel, which can be exploited to cause a denial-of-service condition using specially crafted data. This allows attackers to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows operating system kernel, which can be exploited to bypass security restrictions and elevate privileges. An elevation-of-privilege vulnerability allows attackers to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient protection of internal data in the Windows operating system, which could allow an attacker to gain unauthorized access to protected information. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows kernel, allowing an attacker to bypass security restrictions and elevate their privileges. This can affect the system, potentially leading to unauthorized access or control. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows kernel, allowing an attacker to elevate their privileges. This can impact the system, potentially giving an attacker higher access levels. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to insufficient protection of internal data in the Windows operating system, which can allow an attacker to gain unauthorized access to protected information. This can potentially enable attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to synchronization errors in the Windows kernel, specifically a "race condition" scenario. This could allow an attacker to elevate their privileges. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to errors in access control within the Windows operating system kernel. It allows an attacker to disclose protected information using a specially crafted application. This can potentially enable attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue concerns insufficient protection of internal data in the Windows kernel, potentially allowing unauthorized access to sensitive information. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient protection of internal data in the Windows operating system kernel. It allows an attacker to gain unauthorized access to protected information. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows Kernel, which can be exploited to elevate privileges. This allows an attacker to affect the system. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows Kernel, which can be exploited to elevate privileges. An elevation-of-privilege vulnerability allows attackers to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows operating system kernel, which can be exploited to elevate privileges. This allows an attacker to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.