456 matches found
CVE-2026-40952
CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location...
EUVD-2026-44779
CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location...
CVE-2026-58629
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally...
CVE-2026-50488
Improper neutralization of special elements used in a command 'command injection' in Windows Clipboard User Service allows an authorized attacker to elevate privileges locally...
CVE-2026-50462
External control of file name or path in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-50391
Improper privilege management in Windows Group Policy allows an authorized attacker to elevate privileges locally...
CVE-2026-50351
Improper access control in Windows Audio Compression Manager ACM allows an authorized attacker to elevate privileges locally...
Windows Win32k Elevation of Privilege Vulnerability
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally...
Microsoft Install Service Elevation of Privilege Vulnerability
Improper privilege management in Microsoft Install Service allows an authorized attacker to elevate privileges locally...
Windows Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Connected User Experiences and Telemetry allows an authorized attacker to elevate privileges locally...
Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Heap-based buffer overflow in Universal Plug and Play upnp.dll allows an authorized attacker to elevate privileges locally...
Windows Hyper-V Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally...
Windows MIDI Service Module Elevation of Privileges Vulnerability
Improper access control in Windows MIDI Service Module allows an authorized attacker to elevate privileges locally...
PT-2026-58331
Name of the Vulnerable Software and Affected Versions Microsoft Install Service affected versions not specified Description Improper privilege management in the Microsoft Install Service allows an authorized attacker to elevate privileges locally, potentially granting full control over the system...
PT-2026-58426
Name of the Vulnerable Software and Affected Versions Windows Runtime affected versions not specified Description A use after free condition in Windows Runtime allows an authorized attacker to elevate privileges locally. Use after free is a memory corruption issue that occurs when an application...
Microsoft PC Manager < 3.22.1.0 Elevation of Privilege (CVE-2026-50438) (July 2026)
The Windows 'Microsoft PC Manager' app installed on the remote host is prior to 3.22.1.0. It is, therefore, affected by an elevation of privilege vulnerability: - A local privilege escalation vulnerability allows an authenticated attacker to escalate privileges beyond the vulnerable component's...
EUVD-2026-35659
Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally...
Windows Push Notifications Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
PT-2026-48039
Name of the Vulnerable Software and Affected Versions Windows Storage affected versions not specified Description An untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. Privilege escalation occurs when an application searches for a required file i...
KB5094041: Windows Server 2012 R2 Security Update (June 2026)
The remote Windows host is missing security update 5094041. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...