5149 matches found
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Windows Projected File System Elevation of Privilege Vulnerability
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...
Microsoft Kinect Elevation of Privilege Vulnerability
Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally...
Windows DNS Client Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally...
Windows Push Notifications Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
PT-2026-47970
Name of the Vulnerable Software and Affected Versions .NET affected versions not specified Description Improper authorization in the .NET software platform allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version tha...
PT-2026-47891
Name of the Vulnerable Software and Affected Versions Windows Telephony Service affected versions not specified Description A race condition exists in the Windows Telephony Service due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileg...
PT-2026-48002
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
PT-2026-47929
Name of the Vulnerable Software and Affected Versions Windows DWM Core Library affected versions not specified Description A use after free issue in the Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Use after free is a memory corruption flaw that occurs whe...
PT-2026-47969
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A Time-of-check time-of-use TOCTOU race condition exists in the Program Compatibility Assistant Service. This flaw allows an authorized attacker to elevate privileges locally, enabling them t...
PT-2026-48008
Name of the Vulnerable Software and Affected Versions Microsoft Live Share Canvas SDK affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to elevate privileges over a network...
PT-2026-47990
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
KB5094126: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (June 2026)
The remote Windows host is missing security update 5094126. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2026-42909, CVE-2026-42913, CVE-2026-42985, CVE-2026-42992,...
PT-2026-47904
Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description A race condition occurs in Windows Push Notifications due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges...
EUVD-2026-34809
Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from insufficient boundary checking in the geniezone component, leading to out-of-bound writes. This can result in an increase in...
CVE-2026-23663
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...
Admidio 跨站请求伪造漏洞
Admidio is an open source member management system from the Admidio team. The system supports member lists, event management, guestbooks, photo albums, and downloads. A cross-site request forgery vulnerability exists in Admidio version 3.3.5, which stems from cross-site request forgery and could...
CVE-2026-42901
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...