2144 matches found
CVE-2026-20929
Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network...
CVE-2026-20849
Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network...
CVE-2026-20848
CVE-2026-20848 describes a race condition in Windows SMB Server caused by concurrent execution over a shared resource with improper synchronization. This vulnerability could allow an authorized attacker to elevate privileges over the network. Connected documents confirm the issue is categorized a...
CVE-2026-20927
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to deny service over a network...
CVE-2026-20926
CVE-2026-20926 describes a race condition in the Windows SMB Server that allows an authorized network attacker to elevate privileges. The vulnerability affects Windows SMB Server components and is tied to concurrent execution on a shared resource with improper synchronization. Mitigation is via M...
CVE-2026-20921
CVE-2026-20921 is a Windows SMB Server vulnerability described as a race condition in a shared resource that could allow an authenticated attacker to elevate privileges over the network. Connected sources indicate this CVE is listed under Windows SMB Server with an exploitability/impact profile (...
CVE-2026-20919
CVE-2026-20919 is a race-condition vulnerability in Windows SMB Server that allows an authorized network attacker to elevate privileges. The issue concerns concurrent access to a shared resource without proper synchronization. Public documentation in the connected sources confirms Windows SMB Ser...
CVE-2026-20919
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
CVE-2026-20856
CVE-2026-20856 is a Windows Server Update Services (WSUS) remote code execution vulnerability caused by improper input validation. Exploitation is possible over a network with no user interaction; CVSSv3.1 base score 8.1 (High). Public references note this is addressed by January 2026 security up...
Windows Kerberos Elevation of Privilege Vulnerability
Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network...
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Windows SMB Server Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
Windows SMB Server Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
Windows SMB Server Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
PT-2026-2701
Name of the Vulnerable Software and Affected Versions Windows Server Update Service affected versions not specified Description A flaw in input validation within Windows Server Update Service could allow a remote attacker to execute code on the network. This could lead to arbitrary code execution...
PT-2026-2696
CVE-2026-20849 Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network. https://t.co/YLkUwVtaPa...
PT-2026-2656
Name of the Vulnerable Software and Affected Versions Microsoft SQL Server affected versions not specified Description A missing authentication check for a critical function in Microsoft SQL Server can allow an authorized attacker to elevate privileges over a network. The issue, caused by missing...
PT-2026-2726
Name of the Vulnerable Software and Affected Versions Windows SMB Server affected versions not specified Description A flaw in Windows SMB Server related to concurrent execution using a shared resource with improper synchronization, specifically a race condition, could allow an authorized attacke...
PT-2026-2720
Name of the Vulnerable Software and Affected Versions Windows Local Security Authority Subsystem Service LSASS affected versions not specified Description A flaw exists in the Windows Local Security Authority Subsystem Service LSASS that could allow an attacker to cause a denial of service over a...