A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file.

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. A remote attacker could exploit this vulnerability by enticing a target user to open a malicious executable file. Successful exploitation of this issue can lead to local privilege escalation.

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file.

An elevation of privilege vulnerability exists in Microsoft Windows. A malicious user can bypass a security check in Windows to read and write registry hive files under a hidden registry hive which could enable an elevation of privilege. Successful exploitation could allow an attacker to run arbitrary code or access protected files with elevated privileges.

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to an error in the way windows kernel handles session objects in concurrent logins. Successful exploitation may lead to a malicious user gaining access to a victim user’s session.

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file.

An old vulnerability has been reintroduced in certain versions of the Linux Kernel that could be exploited by local unprivileged users to elevate their default system designated privileges to the higher kernel level privileges. The vulnerability is due to an error that kernel does not zero-extend x86_64 registers in the 32bit entry path on x86_64 platforms. An attacker could elevate their local privilege resulting in a privilege escalation.

An elevation of privilege vulnerability exists in Microsoft Windows Server. The vulnerability is caused when Microsoft Windows fails to handle executable programs being ran by two users. A remote attacker can exploit this issue by enticing a victim to run a specially crafted file.

An information disclosure vulnerability has been reported in Microsoft Internet Explorer and EDGE browsers. The vulnerability is due to improperly handling requests for module resources. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer or EDGE.