CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Microsoft CVE•added 2026/06/09 2:0 p.m.•6 views

Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00152EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•10 views

PT-2026-48039

Name of the Vulnerable Software and Affected Versions Windows Storage affected versions not specified Description An untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. Privilege escalation occurs when an application searches for a required file i...

7CVSS5.2AI score0.00179EPSS

Exploits0References6

Tenable Nessus•added 2026/06/09 12:0 a.m.•8 views

KB5094041: Windows Server 2012 R2 Security Update (June 2026)

The remote Windows host is missing security update 5094041. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...

9.8CVSS6.6AI score0.04297EPSS

Exploits1References66

Cvelist•added 2026/05/22 1:2 p.m.•23 views

CVE-2025-32747

Dell PowerFlex Manager, versions =4.6.2, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

5.3CVSS0.00115EPSS

CNNVD•added 2026/05/19 12:0 a.m.•8 views

OPPO O+ Connect 安全漏洞

OPPO O+ Connect is a multi-device connectivity and data collaboration platform developed by OPPO Corporation in China. There is a security vulnerability in OPPO O+ Connect, which stems from the failure to verify the identity of the caller on the pipeline interface, potentially leading to an...

7.3CVSS5.8AI score0.00106EPSS

EUVD•added 2026/05/12 6:30 p.m.•9 views

EUVD-2026-29660

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...

7.8CVSS5.9AI score0.02079EPSS

EUVD•added 2026/05/12 6:30 p.m.•15 views

EUVD-2026-29586

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.02014EPSS

NVD•added 2026/05/12 6:17 p.m.•9 views

CVE-2026-40417

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00272EPSS

Vulnrichment•added 2026/05/12 4:59 p.m.•11 views

CVE-2026-33837 Windows TCP/IP Local Elevation of Privilege Vulnerability

...

7.8CVSS5.8AI score0.01838EPSS

CVE•added 2026/05/12 4:59 p.m.•33 views

CVE-2026-33837

CVE-2026-33837 is a heap-based buffer overflow in Windows TCP/IP that could allow an authenticated local attacker to elevate privileges. The entry notes a local, low-attack-complexity vector with no user interaction required and HIGH impact to confidentiality, integrity, and availability, yieldin...

7.8CVSS5.9AI score0.01838EPSS

Exploits0References1Affected Software14

Microsoft CVE•added 2026/05/12 2:0 p.m.•5 views

Windows Event Logging Service Elevation of Privilege Vulnerability

Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00272EPSS

Microsoft CVE•added 2026/05/12 2:0 p.m.•7 views

Windows DWM Core Library Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00284EPSS

Microsoft CVE•added 2026/05/12 2:0 p.m.•7 views

Windows Telephony Service Elevation of Privilege Vulnerability

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00226EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•9 views

PT-2026-40159

Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00207EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•8 views

PT-2026-40220

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.9AI score0.00304EPSS

Vulnrichment•added 2026/05/11 9:39 a.m.•6 views

CVE-2026-26946

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS5.8AI score0.00104EPSS

Vulnrichment•added 2026/04/27 6:14 p.m.•7 views

CVE-2026-32655

Dell Alienware Command Center AWCC, versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...

5.3CVSS5.2AI score0.00104EPSS

EUVD•added 2026/04/20 6:31 p.m.•6 views

EUVD-2026-23917

Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability in IDRAC. A high privileged attacker with local access could...

6.3CVSS5.7AI score0.00087EPSS

ATTACKERKB•added 2026/04/16 8:30 a.m.•4 views

CVE-2026-23772

Dell Storage Manager - Replay Manager for Microsoft Servers, versions 8.0, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.3CVSS5.8AI score0.00122EPSS