5222 matches found
CVE-2026-40952
CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location...
CVE-2026-50451
Missing authentication for critical function in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...
CVE-2026-49800
CVE-2026-49800 affects Windows Web Proxy Auto-Discovery Protocol (WPAD). Root cause is an integer overflow/wraparound in WPAD handling. Impact described as local privilege escalation for an authorized attacker, with high confidentiality, integrity, and availability impact. No specific exploit det...
CVE-2026-49176
Summary: CVE-2026-49176 is a Windows WalletService elevation of privilege vulnerability described as improper privilege management that could allow an authorized local attacker to escalate privileges. The available sources (NVD/CVE records) confirm the issue but do not provide concrete details on...
Windows NTFS Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to elevate privileges locally...
.NET Framework Elevation of Privilege Vulnerability
Improper control of generation of code 'code injection' in .NET Framework allows an unauthorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
Missing authentication for critical function in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...
Win32k Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...
Windows Runtime Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Runtime allows an authorized attacker to elevate privileges locally...
Windows Application Model Core API Elevation of Privilege Vulnerability
Use after free in Windows Application Model allows an authorized attacker to elevate privileges locally...
Content Delivery Manager Elevation of Privilege Vulnerability
Use after free in Content Delivery Manager allows an authorized attacker to elevate privileges locally...
PT-2026-58266
Name of the Vulnerable Software and Affected Versions Windows Admin Center affected versions not specified Description Improper authentication allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version that contains a...
PT-2026-58372
Name of the Vulnerable Software and Affected Versions Windows 11 affected versions not specified Windows Server 2025 affected versions not specified Description A use-after-free issue exists in the Windows Secure Kernel Mode. This flaw allows an authorized attacker to perform a local privilege...
PT-2026-58719
Name of the Vulnerable Software and Affected Versions .NET Framework affected versions not specified Description Improper control of code generation, known as code injection, allows an unauthorized attacker to elevate privileges locally. This issue enables an attacker who has already established ...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
CVE-2026-46730
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with...
EUVD-2026-40781
Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-14094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious...
DEBIAN-CVE-2026-14060
Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Low...
DEBIAN-CVE-2026-13827
Use after free in Updater in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: High...