Lucene search
+L

456 matches found

attackerkb
attackerkb
added 2 days ago2 views

CVE-2026-40952

CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location...

8.5CVSS6.1AI score0.00105EPSS
Exploits0References2
euvd
euvd
added 2 days ago6 views

EUVD-2026-44779

CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location...

8.5CVSS6.1AI score0.00105EPSS
Exploits0References1
nvd
nvd
added 3 days ago5 views

CVE-2026-58629

Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally...

7CVSS0.00234EPSS
Exploits0References1
nvd
nvd
added 3 days ago3 views

CVE-2026-50488

Improper neutralization of special elements used in a command 'command injection' in Windows Clipboard User Service allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00574EPSS
Exploits0References1
nvd
nvd
added 3 days ago3 views

CVE-2026-50462

External control of file name or path in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00313EPSS
Exploits0References1
nvd
nvd
added 3 days ago4 views

CVE-2026-50391

Improper privilege management in Windows Group Policy allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00284EPSS
Exploits0References1
nvd
nvd
added 3 days ago4 views

CVE-2026-50351

Improper access control in Windows Audio Compression Manager ACM allows an authorized attacker to elevate privileges locally...

7.8CVSS0.02507EPSS
Exploits0References1
mscve
mscve
added 3 days ago5 views

Windows Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.01725EPSS
Exploits0
mscve
mscve
added 3 days ago5 views

Microsoft Install Service Elevation of Privilege Vulnerability

Improper privilege management in Microsoft Install Service allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.02545EPSS
Exploits0
mscve
mscve
added 3 days ago5 views

Windows Connected User Experiences and Telemetry Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows Connected User Experiences and Telemetry allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00318EPSS
Exploits0
mscve
mscve
added 3 days ago9 views

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Heap-based buffer overflow in Universal Plug and Play upnp.dll allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00364EPSS
Exploits0
mscve
mscve
added 3 days ago4 views

Windows Hyper-V Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

8.2CVSS6.2AI score0.00359EPSS
Exploits0
mscve
mscve
added 3 days ago7 views

Windows MIDI Service Module Elevation of Privileges Vulnerability

Improper access control in Windows MIDI Service Module allows an authorized attacker to elevate privileges locally...

8.8CVSS6.1AI score0.00219EPSS
Exploits0
ptsecurity
ptsecurity
added 3 days ago5 views

PT-2026-58331

Name of the Vulnerable Software and Affected Versions Microsoft Install Service affected versions not specified Description Improper privilege management in the Microsoft Install Service allows an authorized attacker to elevate privileges locally, potentially granting full control over the system...

7.8CVSS6.1AI score0.02545EPSS
Exploits0References6
ptsecurity
ptsecurity
added 3 days ago4 views

PT-2026-58426

Name of the Vulnerable Software and Affected Versions Windows Runtime affected versions not specified Description A use after free condition in Windows Runtime allows an authorized attacker to elevate privileges locally. Use after free is a memory corruption issue that occurs when an application...

7CVSS6.3AI score0.00204EPSS
Exploits0References3
nessus
nessus
added 3 days ago4 views

Microsoft PC Manager < 3.22.1.0 Elevation of Privilege (CVE-2026-50438) (July 2026)

The Windows 'Microsoft PC Manager' app installed on the remote host is prior to 3.22.1.0. It is, therefore, affected by an elevation of privilege vulnerability: - A local privilege escalation vulnerability allows an authenticated attacker to escalate privileges beyond the vulnerable component's...

8.8CVSS6.1AI score0.00278EPSS
Exploits0References2
euvd
euvd
added 2026/06/09 6:30 p.m.10 views

EUVD-2026-35659

Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00291EPSS
Exploits0References2
mscve
mscve
added 2026/06/09 2:0 p.m.12 views

Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00185EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.17 views

PT-2026-48039

Name of the Vulnerable Software and Affected Versions Windows Storage affected versions not specified Description An untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. Privilege escalation occurs when an application searches for a required file i...

7CVSS5.2AI score0.00218EPSS
Exploits0References6
nessus
nessus
added 2026/06/09 12:0 a.m.18 views

KB5094041: Windows Server 2012 R2 Security Update (June 2026)

The remote Windows host is missing security update 5094041. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...

9.8CVSS6.6AI score0.21506EPSS
Exploits2References66
Rows per page
Query Builder