23978 matches found
CVE-2026-54998
CVE-2026-54998 describes an incorrect authorization in Microsoft Exchange Online that enables an authorized attacker to elevate privileges over a network. This vulnerability impacts Exchange Online’s authorization checks, allowing escalation of access from an existing authorized state. The CVSS 3...
CVE-2026-26145
Technical details (affected product/component, root cause, impact, versions, or remediation) are not publicly provided in the supplied documents. Monitor updates from official sources for concrete information.
CVE-2026-45499
Technical details for CVE-2026-45499 are not publicly available in the provided documents. Monitor for updates; current sources only reiterate the SSRF elevation in Azure OpenAI without specification of affected products, versions, or fixes.
CVE-2026-57100
Technical details on affected products/versions, root cause, exploit scenarios, or mitigations are not publicly provided in the supplied documents. Monitor official sources for updates.
BIT-DOTNET-SDK-2026-35433 .NET Elevation of Privilege Vulnerability
Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...
BIT-DOTNET-2026-35433 .NET Elevation of Privilege Vulnerability
Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...
CVE-2026-47645 Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability
...
CVE-2026-47645
Summary: CVE-2026-47645 is an open redirect vulnerability in Microsoft 365 Copilot’s Business Chat that can lead to privilege escalation over a network. The issue is described across sources (NVD/MSRC/CVE records) as a url redirection to an untrusted site, with a CVSS v3.1 base score of 8.8 (HIGH...
CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability
...
CVE-2026-48582
This CVE affects Microsoft Exchange Online. Missing authorization could allow an attacker with low privileges and network access (no user interaction) to elevate privileges (impact: high confidentiality and integrity, no availability impact) per CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N, base...
CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability
...
CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability
...
CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability
...
CVE-2026-48584
CVE-2026-48584 affects Microsoft Azure Synapse. An authorized attacker with low privileges and network access can execute with unnecessary privileges to elevate to higher privileges across the system, with potential impact to confidentiality, integrity and availability (CVSS 3.1: CRITICAL, AV:N/A...
CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability
...
CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability
...
CVE-2016-20094 AnyDesk 2.5.0 Unquoted Service Path Elevation of Privilege
AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert malicious executables in the system root path that execute with elevated privileges during applicatio...
CVE-2016-20092 NetDrive 2.6.12 Unquoted Service Path Elevation of Privilege
NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2ServiceNetdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that will be executed during service startup or...
CVE-2016-20087
Fortitude HTTP 1.0.4.0 contains an unquoted service path vulnerability that enables local privilege escalation by exploiting the service binary path. An attacker can place a malicious executable in the system root, which will run with SYSTEM privileges during service startup or system reboot. Aff...
Astra Linux – Vulnerability in Samba
Netlogon RPC Elevation of Privilege Vulnerability...