Lucene search
K

5222 matches found

NVD
NVD
added 2 hours ago3 views

CVE-2026-40952

CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location...

8.5CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-50451

Missing authentication for critical function in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...

7.1CVSS
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-49800

CVE-2026-49800 affects Windows Web Proxy Auto-Discovery Protocol (WPAD). Root cause is an integer overflow/wraparound in WPAD handling. Impact described as local privilege escalation for an authorized attacker, with high confidentiality, integrity, and availability impact. No specific exploit det...

7.8CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-49176

Summary: CVE-2026-49176 is a Windows WalletService elevation of privilege vulnerability described as improper privilege management that could allow an authorized local attacker to escalate privileges. The available sources (NVD/CVE records) confirm the issue but do not provide concrete details on...

7.8CVSS6AI score
Exploits0References1
Microsoft CVE
Microsoft CVE
added yesterday4 views

Windows NTFS Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score
Exploits0
Microsoft CVE
Microsoft CVE
added yesterday3 views

.NET Framework Elevation of Privilege Vulnerability

Improper control of generation of code 'code injection' in .NET Framework allows an unauthorized attacker to elevate privileges locally...

7.8CVSS6.1AI score
Exploits0
Microsoft CVE
Microsoft CVE
added yesterday4 views

Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability

Missing authentication for critical function in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...

7.1CVSS6.1AI score
Exploits0
Microsoft CVE
Microsoft CVE
added yesterday5 views

Win32k Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...

8.8CVSS6.2AI score
Exploits0
Microsoft CVE
Microsoft CVE
added yesterday5 views

Windows Runtime Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Runtime allows an authorized attacker to elevate privileges locally...

8.8CVSS6.2AI score
Exploits0
Microsoft CVE
Microsoft CVE
added yesterday5 views

Windows Application Model Core API Elevation of Privilege Vulnerability

Use after free in Windows Application Model allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score
Exploits0
Microsoft CVE
Microsoft CVE
added yesterday4 views

Content Delivery Manager Elevation of Privilege Vulnerability

Use after free in Content Delivery Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score
Exploits0
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-58266

Name of the Vulnerable Software and Affected Versions Windows Admin Center affected versions not specified Description Improper authentication allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version that contains a...

7.8CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-58372

Name of the Vulnerable Software and Affected Versions Windows 11 affected versions not specified Windows Server 2025 affected versions not specified Description A use-after-free issue exists in the Windows Secure Kernel Mode. This flaw allows an authorized attacker to perform a local privilege...

7CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-58719

Name of the Vulnerable Software and Affected Versions .NET Framework affected versions not specified Description Improper control of code generation, known as code injection, allows an unauthorized attacker to elevate privileges locally. This issue enables an attacker who has already established ...

7.8CVSS6AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 5 days ago8 views

kernel: rtmutex: Use waiter::task instead of current in remove_waiter()

A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...

7.8CVSS6.2AI score0.00125EPSS
Exploits17References6
Vulnrichment
Vulnrichment
added 2026/07/03 12:54 p.m.8 views

CVE-2026-46730

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with...

4.2CVSS6AI score0.00116EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40781

Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...

5.8AI score0.00089EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-14094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious...

7.8CVSS6.2AI score0.00089EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14060

Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Low...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 p.m.4 views

DEBIAN-CVE-2026-13827

Use after free in Updater in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: High...

7.8CVSS5.8AI score0.00109EPSS
Exploits0References1
Rows per page
Query Builder