EUVD-2026-29635

Insufficient granularity of access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally...

Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...

Microsoft Defender Insufficient Granularity of Access Control Vulnerability

Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally...

Microsoft Defender Elevation of Privilege Vulnerability

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally...

PT-2026-32884

Name of the Vulnerable Software and Affected Versions Microsoft Defender versions prior to 4.18.26030.3011 Windows 10 affected versions not specified Windows 11 affected versions not specified Windows Server 2019 and later affected versions not specified Description Microsoft Defender contains an...

CVE-2025-8053

Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1....

CVE-2025-8053

CVE-2025-8053 affects OpenText Flipper v3.1.2. The issue is an insufficient granularity of access control that could allow a low-privilege user to interact with the backend API without proper privileges. The vulnerability centers on how access controls are configured for Flipper’s backend API, en...

OpenText Flipper 安全漏洞

OpenText Flipper is a vendor self-submission invoice portal extension package from OpenText Canada. A security vulnerability exists in OpenText Flipper version 3.1.2 that stems from insufficient access control granularity and could lead to elevation of privilege...

OESA-2025-2071 microcode_ctl security update

Security Fixes: Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.CVE-2025-20053 Improper Isolation or Compartmentalization in the stream cache mechanism for some IntelR...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Email Contact prior to version 2.0.4, which stems from the inclusion of an insufficient access control granularity vulnerability...

CVE-2023-0203

NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service...

PT-2023-16084 · Nvidia · Nvidia Connectx6-Dx +2

Name of the Vulnerable Software and Affected Versions: NVIDIA ConnectX-5 affected versions not specified NVIDIA ConnectX-6 affected versions not specified NVIDIA ConnectX6-DX affected versions not specified Description: The issue is related to insufficient granularity of access control in the NIC...

CVE-2021-31384

Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web administrative interfaces can successfully do so from any...