5229 matches found
CVE-2026-15449
A time-of-check to time-of-use TOCTOU flaw in the illumos data-link pseudo-driver dld affects handling of the DLDIOCGETMACPROP and DLDIOCSETMACPROP ioctls on /dev/dld. drviocpropcommon in usr/src/uts/common/io/dld/dlddrv.c copies the dldiocmacpropt ioctl header in once to read its prvalsize field...
CVE-2026-40952
CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location...
CVE-2026-50451
Missing authentication for critical function in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...
CVE-2026-49800
CVE-2026-49800 affects Windows Web Proxy Auto-Discovery Protocol (WPAD). Root cause is an integer overflow/wraparound in WPAD handling. Impact described as local privilege escalation for an authorized attacker, with high confidentiality, integrity, and availability impact. No specific exploit det...
CVE-2026-49176
Summary: CVE-2026-49176 is a Windows WalletService elevation of privilege vulnerability described as improper privilege management that could allow an authorized local attacker to escalate privileges. The available sources (NVD/CVE records) confirm the issue but do not provide concrete details on...
Windows Win32k Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...
Microsoft Exchange Server Elevation of Privilege Vulnerability
Insufficient granularity of access control in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally...
Microsoft SQL Server Elevation of Privilege Vulnerability
External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally...
Windows Application Model Core API Elevation of Privilege Vulnerability
Use after free in Windows Application Model allows an authorized attacker to elevate privileges locally...
Win32k Elevation of Privilege Vulnerability
Improper access control in Windows Win32K allows an authorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
Missing authentication for critical function in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...
Windows Runtime Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Runtime allows an authorized attacker to elevate privileges locally...
Content Delivery Manager Elevation of Privilege Vulnerability
Use after free in Content Delivery Manager allows an authorized attacker to elevate privileges locally...
Win32k Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...
.NET Framework Elevation of Privilege Vulnerability
Improper control of generation of code 'code injection' in .NET Framework allows an unauthorized attacker to elevate privileges locally...
Windows NTFS Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to elevate privileges locally...
PT-2026-58719
Name of the Vulnerable Software and Affected Versions .NET Framework affected versions not specified Description Improper control of code generation, known as code injection, allows an unauthorized attacker to elevate privileges locally. This issue enables an attacker who has already established ...
PT-2026-58372
Name of the Vulnerable Software and Affected Versions Windows 11 affected versions not specified Windows Server 2025 affected versions not specified Description A use-after-free issue exists in the Windows Secure Kernel Mode. This flaw allows an authorized attacker to perform a local privilege...
PT-2026-58266
Name of the Vulnerable Software and Affected Versions Windows Admin Center affected versions not specified Description Improper authentication allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version that contains a...
PT-2026-58657
Name of the Vulnerable Software and Affected Versions Windows Management Services affected versions not specified Description A use-after-free condition in Windows Management Services allows an authorized attacker to elevate privileges locally. Use-after-free is a memory corruption issue that...