5149 matches found
CVE-2026-54424
An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance o...
CVE-2026-54424
An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance o...
CVE-2026-45499
Server-side request forgery ssrf in Azure OpenAI allows an authorized attacker to elevate privileges over a network...
CVE-2026-26145 Microsoft Azure Synapse Elevation of Privilege Vulnerability
...
PT-2026-55320
Name of the Vulnerable Software and Affected Versions Microsoft Exchange Online affected versions not specified Description Incorrect authorization allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that...
CVE-2026-41121
Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access 'Link Following’ vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
CVE-2026-46732
Dell Display and Peripheral Manager (DDPM Mac) is affected. Versions prior to 2.3 suffer from a race condition caused by concurrent execution accessing a shared resource due to improper synchronization. Attackers with local access and low privileges could exploit this to achieve elevation of priv...
EUVD-2026-39402
Dell Display and Peripheral Manager DDPM Mac, versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of...
EUVD-2026-38091
Url redirection to untrusted site 'open redirect' in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-48582
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
CVE-2026-45480
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-46461
Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
EUVD-2026-37997
Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
PT-2026-51031
Name of the Vulnerable Software and Affected Versions Azure Active Directory affected versions not specified Description Improper authentication allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that...
PT-2026-50850
Name of the Vulnerable Software and Affected Versions Dell Server Hardware Manager versions prior to 3.2.2 Description Improper Access Control allows a low privileged attacker with local access to potentially achieve Elevation of privileges, which is the act of gaining higher-level permissions th...
CVE-2026-47647
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network...
CVE-2026-32174
Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network...
Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability
Url redirection to untrusted site 'open redirect' in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-35067
Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...
CVE-2026-40639
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges...