Sam Pope

**Name of the Vulnerable Software and Affected Versions** Power Automate (affected versions not specified) **Description** The issue is related to an uncontrolled search path element in Power Automate, which allows an authorized attacker to disclose information over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Resilient File System (ReFS) (affected versions not specified) **Description** The issue is related to an elevation-of-privilege vulnerability in the Windows Resilient File System (ReFS). It is caused by a buffer overflow in memory, allowing an attacker to potentially gain elevated privileges. This vulnerability can be exploited to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft OLE DB Driver for SQL Server (affected versions not specified) **Description** The issue exists due to insufficient input validation in the Microsoft OLE DB Driver for SQL Server. This allows a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft OLE DB Driver for SQL Server (affected versions not specified) **Description** The issue exists due to insufficient input validation in the Microsoft OLE DB Driver for SQL Server. This allows a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft WDAC OLE DB provider for SQL Server (affected versions not specified) **Description** The issue is related to insufficient input validation in the WDAC OLE DB component for SQL Server on Windows operating systems. This can be exploited by a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Resilient File System (ReFS) (affected versions not specified) **Description** The issue is related to insecure privilege management in the Windows Resilient File System, which can be exploited to elevate privileges. This allows an attacker to affect the system. No information is provided about the estimated number of potentially affected devices or real-world incidents. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.