307 matches found
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
May 12, 2026-KB5087064 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 and Windows 10 Version 22H2
May 12, 2026-KB5087064 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 and Windows 10 Version 22H2 Release Date: May 12, 2026 Version: .NET Framework 3.5 and 4.8 The May 12, 2026 update for Windows 10 Version 21H2 and Windows 10 Version 22H2 includes security and...
May 12, 2026-KB5087077 Cumulative Update for .NET Framework 3.5 for Windows 11, version 26H1 (build 28000) and later
May 12, 2026-KB5087077 Cumulative Update for .NET Framework 3.5 for Windows 11, version 26H1 build 28000 and later Release Date: May 12, 2026 Version: .NET Framework 3.5 The May 12, 2026 update installs the complete .NET Framework 3.5 product for Windows 11, version 26H1 build version 28000 and...
CVE-2026-26946
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...
KB5084815 - Description of the security update for SQL Server 2022 GDR: April 14, 2026
KB5084815 - Description of the security update for SQL Server 2022 GDR: April 14, 2026 Summary Known issue in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary...
Microsoft Management Console Elevation of Privilege Vulnerability
Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally...
Dell AppSync 安全漏洞
Dell AppSync is a data replication management application from Dell USA. An elevation of privilege vulnerability exists in Dell AppSync version 4.6.0. The vulnerability stems from improper assignment of critical resource privileges and can be exploited by an attacker to cause elevation of privile...
Google Android elevation of privilege vulnerability (CNVD-2026-18786)
Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android, which can be exploited by an attacker to cause an application to gain read and write access to non-existent files and local elevation of privilege...
CVE-2026-21421
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...
EUVD-2020-30855
IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path in the IObit Uninstaller Service to insert malicious code that would execute with...
CVE-2026-23755
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious...
KB5074109: Windows 11 Version 24H2 / Windows 11 Version 25H2 / Windows 2025 Security Update (January 2026)
The remote Windows host is missing security update 5074109. It is, therefore, affected by multiple vulnerabilities - Use after free in Windows Local Security Authority Subsystem Service LSASS allows an authorized attacker to execute code over a network. CVE-2026-20854 - An issue was discovered in...
Google Android elevation of privilege vulnerability (CNVD-2025-3067712)
Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to cause an elevation of physical privileges...
Description of the security update for Microsoft Exchange Server Subscription Edition RTM: December 9, 2025 (KB5071876)
Description of the security update for Microsoft Exchange Server Subscription Edition RTM: December 9, 2025 KB5071876 Original article content This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common...
Windows Installer Elevation of Privilege Vulnerability
Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally...
Intel CIP elevation of privilege vulnerability (CNVD-2025-28675)
Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from an uncontrolled search path, which can be exploited by an attacker to cause elevation of...
WordPress Lisfinity Core plugin elevation of privilege vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An elevation of privilege vulnerability exists in the WordPress Lisfinity Core plugin, which stems from assigning the editor role by default and not restricting API usage, no...
CVE-2025-59192
Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally...
CVE-2025-59207 Windows Kernel Elevation of Privilege Vulnerability
...
Windows Agere Modem Driver Elevation of Privilege Vulnerability
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware depende...