614 matches found
Windows Backup Service Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Backup Engine allows an authorized attacker to elevate privileges locally...
CVE-2026-58619
Use after free in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally...
CVE-2026-56183
Use after free in Windows MIDI Service Module allows an authorized attacker to elevate privileges locally...
CVE-2026-50689
Use after free in Windows Clipboard Server allows an authorized attacker to elevate privileges locally...
CVE-2026-50673
Null pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-50489
Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-50490
Use after free in Windows Installer allows an authorized attacker to elevate privileges locally...
CVE-2026-50466
Use after free in Windows Brokering File System allows an authorized attacker to elevate privileges locally...
CVE-2026-50457
Use after free in Windows Runtime allows an authorized attacker to elevate privileges locally...
CVE-2026-50399
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-50353
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally...
CVE-2026-50336
Heap-based buffer overflow in Windows Media allows an authorized attacker to elevate privileges locally...
CVE-2026-57107
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges locally...
CVE-2026-54986
Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-49805
Improper access control in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-49798
Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally...
CVE-2026-48572
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows App Installer allows an authorized attacker to elevate privileges locally...
CVE-2026-44800
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
CVE-2026-50356
CVE-2026-50356 describes a race-condition in Microsoft Windows App Store caused by concurrent execution using a shared resource with improper synchronization. This allows a locally authenticated attacker to elevate privileges. The fixed details or patch versions are not provided in the connected ...
CVE-2026-50297
CVE-2026-50297 is a Windows Win32K local privilege escalation due to improper access control. The vulnerable component is Win32K; the condition allows an authorized attacker to elevate privileges locally. Base impact is high (C, I, A) with local attack vector and no user interaction required beyo...