5147 matches found
CVE-2026-49162
CVE-2026-49162 is a use-after-free in Microsoft Brokering File System leading to local privilege escalation for an authenticated user; CVSSv3.1 indicates high impact (C/H, I/H, A/H) with local exploit required and low privileges. Public details in the connected documents do not specify affected p...
CVE-2026-42982
CVE-2026-42982 affects Windows Secure Kernel Mode. The issue is improper validation of input consistency within that subsystem, enabling an authorized user to escalate privileges locally. The vulnerability is described as a local, user‑level privilege escalation with high impact (confidentiality,...
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
Time-of-check time-of-use toctou race condition in Microsoft Defender allows an authorized attacker to elevate privileges locally...
Windows Overlay Filter Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Overlay Filter allows an authorized attacker to elevate privileges locally...
Windows USB Print Driver Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows USB Print Driver allows an authorized attacker to elevate privileges locally...
Windows DNS Client Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows DNS allows an authorized attacker to elevate privileges locally...
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...
NTFS Elevation of Privilege Vulnerability
Incorrect conversion between numeric types in Windows NTFS allows an authorized attacker to elevate privileges locally...
Windows Runtime Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Runtime allows an authorized attacker to elevate privileges locally...
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows DirectX allows an authorized attacker to elevate privileges locally...
Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability
Improper certificate validation in Azure Monitor Agent allows an unauthorized attacker to elevate privileges over an adjacent network...
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Deserialization of untrusted data in Windows Wireless Wide Area Network Service allows an authorized attacker to elevate privileges locally...
Windows Runtime Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Runtime allows an authorized attacker to elevate privileges locally...
Windows Media Elevation of Privilege Vulnerability
Use after free in Windows Media allows an authorized attacker to elevate privileges locally...
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...
Windows Kernel Elevation of Privilege Vulnerability
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...
Windows Network Connections Service Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Wireless Wide Area Network Service allows an authorized attacker to elevate privileges locally...
Windows Sensor Data Service Elevation of Privilege Vulnerability
Incorrect access of indexable resource 'range error' in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally...
Windows Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Connected User Experiences and Telemetry allows an authorized attacker to elevate privileges locally...