CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'...

7.1CVSS6.9AI score0.00465EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:2 p.m.•5 views

CVE-2020-0730

An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'...

7.1CVSS6.9AI score0.00569EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:27 a.m.•4 views

CVE-2019-1454

An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'...

5.5CVSS6.9AI score0.00281EPSS

Exploits0References1

CISA KEV Catalog•added 2022/04/25 12:0 a.m.•27 views

Microsoft Windows User Profile Service Privilege Escalation Vulnerability

Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation...

7CVSS3.8AI score0.23003EPSS

In wildExploits2

CISA KEV Catalog•added 2022/04/25 12:0 a.m.•31 views

Microsoft Windows User Profile Service Privilege Escalation Vulnerability

Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation...

7CVSS3.8AI score0.00309EPSS

In wildExploits2

VulnCheck KEV•added 2022/04/25 12:0 a.m.•1 views

VulnCheck KEV: CVE-2022-21919

Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation...

7CVSS7.3AI score0.00309EPSS

Exploits2References1

OSV•added 2022/04/15 7:15 p.m.•1 views

CVE-2022-26904

Windows User Profile Service Elevation of Privilege Vulnerability...

7CVSS7.4AI score0.23003EPSS

Exploits2References2

NVD•added 2022/04/15 7:15 p.m.•25 views

CVE-2022-26904

Windows User Profile Service Elevation of Privilege Vulnerability...

7CVSS0.23003EPSS

Exploits2References2

CVE•added 2022/04/15 7:5 p.m.•1111 views

CVE-2022-26904

CVE-2022-26904 is a Windows User Profile Service Elevation of Privilege vulnerability. The issue is a race-condition–driven LPE in the User Profile Service, with attacker-controlled code execution at SYSTEM granted by bypasses and PoCs described in public sources. A Metasploit module exists for t...

7CVSS8.2AI score0.23003EPSS

In wildExploits2References2Affected Software17