4832 matches found
CVE-2025-29838
Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally...
CVE-2025-27468
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally...
CVE-2025-27468
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally...
CVE-2025-26684
CVE-2025-26684 is a Microsoft Defender Elevation of Privilege vulnerability in Defender for Endpoint where external control of a file name or path enables a locally authenticated attacker with high privileges to elevate to a higher privilege level. The CVSSv3.1 base score is 6.7 (Medium) with loc...
c-ares: c-ares has a use-after-free in read_answers()
A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...
CVE-2025-44039
CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a serial connection, read all boot sequence, and revealing internal system details and sensitive...
CVE-2025-3916
CWE-121: Stack-based Buffer Overflow vulnerability exists that could cause local attackers being able to exploit these issues to potentially execute arbitrary code while the end user opens a malicious project file SSD file provided by the attacker...
CVE-2025-3916
CWE-121: Stack-based Buffer Overflow vulnerability exists that could cause local attackers being able to exploit these issues to potentially execute arbitrary code while the end user opens a malicious project file SSD file provided by the attacker...
xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability
A flaw was found in the X.org server. Due to improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org serv...
Microsoft Defender Elevation of Privilege Vulnerability
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally...
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally...
Microsoft Brokering File System Elevation of Privilege Vulnerability
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...
CVE-2025-32706
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2025-32701
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
PT-2025-20973
Name of the Vulnerable Software and Affected Versions Microsoft Brokering File System affected versions not specified Description An elevation-of-privilege issue exists in the Microsoft Brokering File System. This allows an authorized attacker to elevate privileges locally. The issue is related t...
CVE-2025-30400
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
PT-2025-20937 · Microsoft · Windows Kernel +1
Name of the Vulnerable Software and Affected Versions: Windows Kernel affected versions not specified Description: A heap-based buffer overflow issue in the Windows Kernel allows an authorized attacker to elevate privileges locally. This elevation-of-privilege issue can affect the system...