Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Kernel allows an authorized attacker to elevate privileges locally.
Improper neutralization of special elements used in a command (‘command injection’) in Visual Studio allows an authorized attacker to execute code locally.
Improper neutralization of input during web page generation (‘cross-site scripting’) in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Improper neutralization of input during web page generation (‘cross-site scripting’) in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
