Lucene search
+L

5229 matches found

NVD
NVD
added yesterday5 views

CVE-2026-15449

A time-of-check to time-of-use TOCTOU flaw in the illumos data-link pseudo-driver dld affects handling of the DLDIOCGETMACPROP and DLDIOCSETMACPROP ioctls on /dev/dld. drviocpropcommon in usr/src/uts/common/io/dld/dlddrv.c copies the dldiocmacpropt ioctl header in once to read its prvalsize field...

5.8CVSS
Exploits0References3
NVD
NVD
added 2 days ago5 views

CVE-2026-40952

CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location...

8.5CVSS0.00105EPSS
Exploits0References1
NVD
NVD
added 3 days ago3 views

CVE-2026-50451

Missing authentication for critical function in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...

7.1CVSS0.00222EPSS
Exploits0References1
CVE
CVE
added 3 days ago9 views

CVE-2026-49800

CVE-2026-49800 affects Windows Web Proxy Auto-Discovery Protocol (WPAD). Root cause is an integer overflow/wraparound in WPAD handling. Impact described as local privilege escalation for an authorized attacker, with high confidentiality, integrity, and availability impact. No specific exploit det...

7.8CVSS6.1AI score0.00245EPSS
Exploits0References1Affected Software9
CVE
CVE
added 3 days ago8 views

CVE-2026-49176

Summary: CVE-2026-49176 is a Windows WalletService elevation of privilege vulnerability described as improper privilege management that could allow an authorized local attacker to escalate privileges. The available sources (NVD/CVE records) confirm the issue but do not provide concrete details on...

7.8CVSS6AI score0.00245EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 3 days ago4 views

Windows Win32k Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.01725EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago6 views

Microsoft Exchange Server Elevation of Privilege Vulnerability

Insufficient granularity of access control in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00219EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago4 views

Microsoft SQL Server Elevation of Privilege Vulnerability

External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00241EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago5 views

Windows Application Model Core API Elevation of Privilege Vulnerability

Use after free in Windows Application Model allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00245EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago3 views

Win32k Elevation of Privilege Vulnerability

Improper access control in Windows Win32K allows an authorized attacker to elevate privileges locally...

7CVSS6.1AI score0.02087EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago5 views

Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability

Missing authentication for critical function in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...

7.1CVSS6.1AI score0.00222EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago5 views

Windows Runtime Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Runtime allows an authorized attacker to elevate privileges locally...

8.8CVSS6.2AI score0.00188EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago4 views

Content Delivery Manager Elevation of Privilege Vulnerability

Use after free in Content Delivery Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00188EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago7 views

Win32k Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...

8.8CVSS6.2AI score0.00369EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago6 views

.NET Framework Elevation of Privilege Vulnerability

Improper control of generation of code 'code injection' in .NET Framework allows an unauthorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00285EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 3 days ago7 views

Windows NTFS Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00318EPSS
Exploits0
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-58719

Name of the Vulnerable Software and Affected Versions .NET Framework affected versions not specified Description Improper control of code generation, known as code injection, allows an unauthorized attacker to elevate privileges locally. This issue enables an attacker who has already established ...

7.8CVSS6AI score0.00285EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-58372

Name of the Vulnerable Software and Affected Versions Windows 11 affected versions not specified Windows Server 2025 affected versions not specified Description A use-after-free issue exists in the Windows Secure Kernel Mode. This flaw allows an authorized attacker to perform a local privilege...

7CVSS6.1AI score0.00225EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-58266

Name of the Vulnerable Software and Affected Versions Windows Admin Center affected versions not specified Description Improper authentication allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version that contains a...

7.8CVSS6.1AI score0.00219EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-58657

Name of the Vulnerable Software and Affected Versions Windows Management Services affected versions not specified Description A use-after-free condition in Windows Management Services allows an authorized attacker to elevate privileges locally. Use-after-free is a memory corruption issue that...

7CVSS6AI score0.00234EPSS
Exploits0References5
Rows per page
Query Builder