235 matches found
CVE-2026-21240 Windows HTTP.sys Elevation of Privilege Vulnerability
...
CVE-2026-21240 Windows HTTP.sys Elevation of Privilege Vulnerability
...
CVE-2026-21240
Time-of-check time-of-use toctou race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally...
CVE-2026-21240
CVE-2026-21240 describes a local, authenticated TOCTOU race in Windows HTTP.sys that can allow privilege escalation. Affected component: Windows HTTP.sys. Root cause: time-of-check/time-of-use race condition. Impact: high (local escalation of privileges, potential confidentiality, integrity, and ...
CVE-2026-21250
CVE-2026-21250 : Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. The CVSS 3.1 vector (Local, Low attack complexity, Low privileges required, No user interaction) yields a base score of 7.8 (HIGH). Documented impact is local privilege ...
CVE-2026-21250 Windows HTTP.sys Elevation of Privilege Vulnerability
...
CVE-2026-21250
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally...
Windows HTTP.sys Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally...
Windows HTTP.sys Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally...
Windows HTTP.sys Elevation of Privilege Vulnerability
Time-of-check time-of-use toctou race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally...
PT-2026-7344
Time-of-check time-of-use toctou race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally...
PT-2026-7337
Name of the Vulnerable Software and Affected Versions Windows HTTP.sys affected versions not specified Description An issue exists in Windows HTTP.sys where an untrusted pointer dereference can allow a locally authenticated attacker to gain elevated privileges. The issue allows attackers to affec...
CVE-2026-20929
Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network...
CVE-2026-20929
Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network...
CVE-2026-20929
Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network...
CVE-2026-20929 Windows HTTP.sys Elevation of Privilege Vulnerability
...
CVE-2026-20929
CVE-2026-20929 concerns Windows HTTP.sys. The vulnerability is described as improper access control that could allow an authorized attacker to elevate privileges over the network. The connected documents corroborate Windows HTTP.sys involvement and list CVSS about 7.5–7.5+ with impact: obtaining ...
CVE-2026-20929
Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network...
CVE-2026-20929 Windows HTTP.sys Elevation of Privilege Vulnerability
...
Windows HTTP.sys Elevation of Privilege Vulnerability
Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network...