2327 matches found
CVE-2026-20870
CVE-2026-20870 corresponds to a Use-after-free vulnerability in Windows Win32K, specifically in the ICOMP component, enabling a locally authenticated attacker to achieve elevation of privileges . The root cause is a memory-management issue in Win32K ICOMP leading to use-after-free conditions that...
CVE-2026-20863 Win32k Elevation of Privilege Vulnerability
...
CVE-2026-20863 Win32k Elevation of Privilege Vulnerability
...
CVE-2026-20863
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...
CVE-2026-20863
CVE-2026-20863 is a local privilege escalation in Windows Win32K (ICOMP) caused by a double-free condition. Exploitable by an authorized local attacker with LOW privileges and no user interaction, leading to SYSTEM-level access as described in multiple feeds. Connected documents confirm a Win32K ...
CVE-2026-20920
CVE-2026-20920 is a local elevation-of-privileges vulnerability in Microsoft Windows Win32K (ICOMP). The description indicates a use-after-free in Win32K that could allow an authorized user to elevate privileges locally. Public details in connected documents confirm affected scope includes Window...
CVE-2026-20920 Win32k Elevation of Privilege Vulnerability
...
CVE-2026-20920
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...
CVE-2026-20811 Win32k Elevation of Privilege Vulnerability
...
CVE-2026-20811
CVE-2026-20811 is a local privilege escalation in Windows Win32K (ICOMP) caused by type confusion. Exploit would grant elevated privileges to an authorized user on the same host. Microsoft’s January 2026 updates address this family of issues (e.g., KB5074109/KB5073457 for affected Windows version...
CVE-2026-20811 Win32k Elevation of Privilege Vulnerability
...
PT-2026-2708
CVE-2026-20863 Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. https://t.co/OJll1df465...
Microsoft Win32k 资源管理错误漏洞
Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. Microsoft Win32k is vulnerable to a resource management error. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected: Windows Server...
Microsoft Win32k 安全漏洞
Microsoft Win32k is a system file for Windows multi-user management from Microsoft USA. A security vulnerability exists in Microsoft Win32k. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected: Windows Server 2022,Windows Server 2022...
CVE-2025-62458
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...
CVE-2025-62458
CVE-2025-62458 is a Windows Win32K GRFX elevation-of-privilege vulnerability (heap-based overflow) that enables local privilege escalation by an authorized user. Connected sources confirm the issue is associated with Windows Win32K GRFX components and is part of Microsoft’s December 2025 patch cy...
CVE-2025-62458 Win32k Elevation of Privilege Vulnerability
...
CVE-2025-62458 Win32k Elevation of Privilege Vulnerability
...
KLA90811 Multiple vulnerabilities in Microsoft Product (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, spoof user interface, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a...
KB5071544: Windows 10 version 1809 / Windows Server 2019 Security Update (December 2025)
The remote Windows host is missing security update 5071544. It is, therefore, affected by multiple vulnerabilities - Untrusted pointer dereference in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network. CVE-2025-62549 - Out-of-bounds read ...