23954 matches found
CVE-2026-47645
Url redirection to untrusted site 'open redirect' in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-48582
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
CVE-2026-48584
Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network...
CVE-2016-20087
Fortitude HTTP 1.0.4.0 contains an unquoted service path vulnerability that enables local privilege escalation by exploiting the service binary path. An attacker can place a malicious executable in the system root, which will run with SYSTEM privileges during service startup or system reboot. Aff...
CVE-2026-47647
CVE-2026-47647 relates to Microsoft Dynamics 365 and involves an improper access control that enables an authorized attacker to perform a network-based privilege escalation. The CVSS 3.1 metrics indicate a high-severity, network-exposed issue with low attack complexity and low privileges required...
CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability
...
CVE-2026-32174
CVE-2026-32174 concerns improper authentication in Azure Bot Service , enabling an authorized attacker to achieve privilege elevation over a network . The CVSS v3.1 base score is 7.7 (HIGH) with impact to Integrity (HIGH) and no confidentiality impact, no availability impact. Root cause: flawed a...
CVE-2026-32174 Azure Bot Service Elevation of Privilege Vulnerability
...
Dynamics 365 Elevation of Privilege Vulnerability
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network...
Azure Bot Service Elevation of Privilege Vulnerability
Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network...
Azure Active Directory Elevation of Privilege Vulnerability
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network...
Microsoft Exchange Online Elevation of Privilege Vulnerability
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
CVE-2026-50656
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the...
CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability
...
CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability
...
CVE-2026-40404
Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...
CVE-2026-40409
Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...
CVE-2026-34691
Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when th...
Microsoft and Adobe Patch Tuesday, June 2026 Security Update Review
Every Patch Tuesday presents a race between defenders applying fixes and attackers seeking opportunities. Microsoft’s June 2026 release is no exception, delivering security updates for vulnerabilities that could significantly impact enterprise environments if left unaddressed. Microsoft Patch...
EUVD-2026-35655
Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...