23757 matches found
Microsoft SQL Server Elevation of Privilege Vulnerability
Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
Windows Runtime Elevation of Privilege Vulnerability
Use after free in Windows Runtime allows an authorized attacker to elevate privileges over a network...
Microsoft SharePoint Elevation of Privilege Vulnerability
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network...
M365 Copilot for iOS Elevation of Privilege Vulnerability
Improper access control in Microsoft 365 Copilot for iOS allows an unauthorized attacker to elevate privileges over a network...
Windows SMB Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an authorized attacker to elevate privileges over a network...
Oracle WebLogic Server - Remote Code Execution
Oracle WebLogic Server Oracle Fusion Middleware component: WLS Core Components is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated...
PT-2026-58804
Name of the Vulnerable Software and Affected Versions .NET affected versions not specified Description Incorrect authorization allows an unauthorized attacker to bypass a security feature over a network without requiring a login or user interaction. Recommendations At the moment, there is no...
PT-2026-60102
Name of the Vulnerable Software and Affected Versions Anyquery affected versions not specified Description When operating in server mode, the software does not restrict outbound HTTP requests initiated by built-in SQLite virtual table modules, such as json reader and log reader. Unauthenticated...
PT-2026-58461
Name of the Vulnerable Software and Affected Versions Microsoft Windows DNS affected versions not specified Description A use after free flaw in Microsoft Windows DNS allows an unauthorized attacker to elevate privileges over a network. Use after free is a memory corruption issue that occurs when...
PT-2026-58351
Name of the Vulnerable Software and Affected Versions Windows Remote Desktop Services affected versions not specified Description A use after free condition in Windows Remote Desktop Services allows an authorized attacker to elevate privileges over a network. Use after free is a memory corruption...
PT-2026-58609
Name of the Vulnerable Software and Affected Versions Windows Network File System affected versions not specified Description A heap-based buffer overflow occurs in the Windows Network File System. This issue allows an authorized attacker to elevate privileges over a network. A heap-based buffer...
PT-2026-58505
Name of the Vulnerable Software and Affected Versions Windows DHCP Server affected versions not specified Description A double free issue exists in the Windows DHCP Server, which could allow an authorized attacker to execute arbitrary code over a network. A double free occurs when the program...
PT-2026-58197
Name of the Vulnerable Software and Affected Versions Azure Spring Apps affected versions not specified Description Improper authentication allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that contain...
PT-2026-58408
Name of the Vulnerable Software and Affected Versions Windows Kernel affected versions not specified Description An out-of-bounds read in the Windows Kernel allows an unauthorized attacker to disclose information over a network. This issue enables remote data leaks without requiring a login...
PT-2026-58556
Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Missing authorization allows an authorized attacker to elevate privileges over a network, which enables them to affect the system. Recommendations At the moment, there is ...
UBUNTU-CVE-2026-47300
Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network...
PT-2026-58525
Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network...
Oracle WebLogic Server Administration Console - Remote Code Execution
The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services versions 0.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0 contain an easily exploitable vulnerability that allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. id:...
CVE-2026-58596
Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...