35241 matches found
CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability
...
CVE-2026-48582
This CVE affects Microsoft Exchange Online. Missing authorization could allow an attacker with low privileges and network access (no user interaction) to elevate privileges (impact: high confidentiality and integrity, no availability impact) per CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N, base...
CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability
...
CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability
...
CVE-2026-48584
CVE-2026-48584 affects Microsoft Azure Synapse. An authorized attacker with low privileges and network access can execute with unnecessary privileges to elevate to higher privileges across the system, with potential impact to confidentiality, integrity and availability (CVSS 3.1: CRITICAL, AV:N/A...
CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability
...
CVE-2026-45480
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-45480
CVE-2026-45480 affects Azure Active Directory; improper authentication enables elevation of privileges over a network. The CVSS 3.1 score is 10.0 (CRITICAL) with network attack vector, no user interaction, and HIGH impact on confidentiality, integrity, and availability. No specific patch version ...
CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability
...
CVE-2016-20094 AnyDesk 2.5.0 Unquoted Service Path Elevation of Privilege
AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert malicious executables in the system root path that execute with elevated privileges during applicatio...
CVE-2016-20092 NetDrive 2.6.12 Unquoted Service Path Elevation of Privilege
NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2ServiceNetdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that will be executed during service startup or...
CVE-2016-20089
The CVE-2016-20089 entry concerns Iperius Remote 1.7.0, where an unquoted service path vulnerability enables local users to execute arbitrary code with SYSTEM privileges by placing a malicious executable in the service path. The issue is triggered when the software is installed in directories tha...
CVE-2016-20087
Fortitude HTTP 1.0.4.0 contains an unquoted service path vulnerability that enables local privilege escalation by exploiting the service binary path. An attacker can place a malicious executable in the system root, which will run with SYSTEM privileges during service startup or system reboot. Aff...
CVE-2026-46461
Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
EUVD-2026-37997
Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
PT-2026-50850
Name of the Vulnerable Software and Affected Versions Dell Server Hardware Manager versions prior to 3.2.2 Description Improper Access Control allows a low privileged attacker with local access to potentially achieve Elevation of privileges, which is the act of gaining higher-level permissions th...
PT-2026-51031
Name of the Vulnerable Software and Affected Versions Azure Active Directory affected versions not specified Description Improper authentication allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that...
CVE-2026-47647
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network...
CVE-2026-32174
Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network...
CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability
...