Kite 代码问题漏洞

Kite is an AI code development tool developed by the Kite company in the United States. Version Kite 4.2.0.1 U1 contains a code vulnerability. This vulnerability stems from an unresolved service path in the KiteService Windows service, which may allow local attackers to gain elevated privileges b...

CVE-2026-40417

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally...

CVE-2026-40369

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-34338

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally...

CVE-2026-35417

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

EUVD-2026-29658

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally...

EUVD-2026-29603

Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2026-40399

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

CVE-2026-34351

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

CVE-2026-33837

Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

CVE-2026-32204

External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally...

CVE-2026-33837 Windows TCP/IP Local Elevation of Privilege Vulnerability

...

CVE-2026-40419

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...

CVE-2026-40407

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2026-32177

Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally...

EUVD-2026-29472

Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

Azure Connected Machine Agent Elevation of Privilege Vulnerability

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally...

PT-2026-40227

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally...