4824 matches found
CVE-2026-35433
Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...
EUVD-2026-29572
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally...
CVE-2026-20717
CVE-2026-20717 describes improper input validation in some Intel QAT software drivers for Windows prior to version 1.13, exploitable in Ring 3 (local). An authenticated, low-privilege user could cause a denial of service with a low=confidentiality and integrity impact and a high availability impa...
Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability
Improper access control in Windows Filtering Platform WFP allows an authorized attacker to bypass a security feature locally...
Microsoft Office Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
M365 Copilot for Desktop Spoofing Vulnerability
Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally...
Windows Rich Text Edit Elevation of Privilege Vulnerability
Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally...
Windows Print Spooler Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally...
PT-2026-40176
Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...
PT-2026-40134
Name of the Vulnerable Software and Affected Versions Microsoft Teams affected versions not specified Description Files or directories accessible to external parties allow an unauthorized attacker to perform spoofing locally. This issue represents a failure in the trust boundary where identity ca...
PT-2026-40144
Name of the Vulnerable Software and Affected Versions Windows TCP/IP affected versions not specified Description A heap-based buffer overflow in the tcpip.sys driver allows an authorized low-privilege attacker to perform a local privilege escalation to the kernel level. A heap-based buffer overfl...
PT-2026-40230
Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally...
PT-2026-40075
Use after free for some Linux kernel driver for the IntelR Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...
PT-2026-40246
Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
PT-2026-40241
Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally...
PT-2026-40142
Name of the Vulnerable Software and Affected Versions Windows Event Logging Service affected versions not specified Description Improper access control in the Windows Event Logging Service allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no...
PT-2026-40178
Name of the Vulnerable Software and Affected Versions Windows Win32K affected versions not specified Description A type confusion issue in the ICOMP component of Windows Win32K allows an authorized attacker to elevate privileges locally. Type confusion occurs when a program accesses a resource...
PT-2026-40202
Name of the Vulnerable Software and Affected Versions Microsoft Office Word affected versions not specified Description An untrusted pointer dereference allows an unauthorized attacker to execute arbitrary code locally and remotely, affecting the system. A pointer dereference occurs when a progra...
PT-2026-40091
Buffer overflow for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...
PT-2026-40239
Name of the Vulnerable Software and Affected Versions Microsoft 365 Copilot for Android affected versions not specified Description Improper access control in the intelligent virtual assistant allows an authorized attacker to perform spoofing attacks locally. Spoofing is a technique where a perso...