Lucene search
+L

5149 matches found

mscve
mscve
added 2026/06/09 2:0 p.m.11 views

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00267EPSS
Exploits0
mscve
mscve
added 2026/06/09 2:0 p.m.11 views

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7CVSS7.2AI score0.00179EPSS
Exploits0
mscve
mscve
added 2026/06/09 2:0 p.m.15 views

Windows Projected File System Elevation of Privilege Vulnerability

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00326EPSS
Exploits0
mscve
mscve
added 2026/06/09 2:0 p.m.10 views

Microsoft Kinect Elevation of Privilege Vulnerability

Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00291EPSS
Exploits0
mscve
mscve
added 2026/06/09 2:0 p.m.26 views

Windows DNS Client Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally...

7CVSS5.7AI score0.00274EPSS
Exploits0
mscve
mscve
added 2026/06/09 2:0 p.m.9 views

Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00204EPSS
Exploits1
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.11 views

PT-2026-47970

Name of the Vulnerable Software and Affected Versions .NET affected versions not specified Description Improper authorization in the .NET software platform allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version tha...

7.8CVSS5.2AI score0.00384EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.15 views

PT-2026-47891

Name of the Vulnerable Software and Affected Versions Windows Telephony Service affected versions not specified Description A race condition exists in the Windows Telephony Service due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileg...

7CVSS5.4AI score0.00205EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.12 views

PT-2026-48002

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00286EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.12 views

PT-2026-47929

Name of the Vulnerable Software and Affected Versions Windows DWM Core Library affected versions not specified Description A use after free issue in the Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Use after free is a memory corruption flaw that occurs whe...

7.8CVSS5.3AI score0.00267EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.22 views

PT-2026-47969

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A Time-of-check time-of-use TOCTOU race condition exists in the Program Compatibility Assistant Service. This flaw allows an authorized attacker to elevate privileges locally, enabling them t...

7.8CVSS5.2AI score0.00184EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.21 views

PT-2026-48008

Name of the Vulnerable Software and Affected Versions Microsoft Live Share Canvas SDK affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to elevate privileges over a network...

9CVSS5.2AI score0.00554EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.11 views

PT-2026-47990

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7CVSS5.4AI score0.00179EPSS
Exploits0References2
nessus
nessus
added 2026/06/09 12:0 a.m.19 views

KB5094126: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (June 2026)

The remote Windows host is missing security update 5094126. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2026-42909, CVE-2026-42913, CVE-2026-42985, CVE-2026-42992,...

9.8CVSS7.5AI score0.48438EPSS
Exploits8References109
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.16 views

PT-2026-47904

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description A race condition occurs in Windows Push Notifications due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges...

7.8CVSS5.9AI score0.00204EPSS
Exploits1References9
euvd
euvd
added 2026/06/05 10:15 a.m.13 views

EUVD-2026-34809

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...

6.9CVSS5.6AI score0.00105EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/01 12:0 a.m.11 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from insufficient boundary checking in the geniezone component, leading to out-of-bound writes. This can result in an increase in...

6.7CVSS5.3AI score0.00114EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/05/26 2:12 p.m.31 views

CVE-2026-23663

Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS5.8AI score0.00551EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/25 12:0 a.m.12 views

Admidio 跨站请求伪造漏洞

Admidio is an open source member management system from the Admidio team. The system supports member lists, event management, guestbooks, photo albums, and downloads. A cross-site request forgery vulnerability exists in Admidio version 3.3.5, which stems from cross-site request forgery and could...

6.9CVSS5.7AI score0.00192EPSS
Exploits0References4
nvd
nvd
added 2026/05/22 11:16 p.m.38 views

CVE-2026-42901

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...

10CVSS0.00301EPSS
Exploits0References1
Rows per page
Query Builder