5024 matches found
CVE-2026-40371
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
CVE-2026-44802
CVE-2026-44802 is a use-after-free in Windows DWM Core Library that enables a local privilege escalation by an authorized user. CVSS 3.1 base score 7.8 (High) with local attack vector, low attack complexity, and require low privileges with no user interaction; impact to confidentiality, integrity...
CVE-2026-44809
The vulnerability CVE-2026-44809 involves use-after-free in the Windows Common Log File System (CLFS) Driver. An authorized local attacker can elevate privileges. The data provided does not specify affected Windows versions, patch details, or remediation steps. No exploit specifics are documented...
CVE-2026-42911 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
CVE-2026-42836
CVE-2026-42836: A race condition due to improper synchronization in the Windows Function Discovery Service (fdwsd.dll) enables a locally authenticated attacker to escalate privileges. The issue is described as a concurrency problem with a shared resource. Affected component: Function Discovery Se...
CVE-2026-47281
CVE-2026-47281 affects Visual Studio Code and is due to improper input validation in the application. The vulnerability allegedly allows an unauthenticated attacker to elevate privileges over a network, with the impact described as high confidentiality, integrity, and availability. The CVSS 3.1 v...
CVE-2026-45603
The vulnerability CVE-2026-45603 affects Windows’ Ancillary Function Driver for WinSock (AFD). The issue is a use-after-free in the WinSock-related driver, leading to local privilege escalation for an authorized attacker. The CVSS3.1 assessment shows HIGH impact with LOCAL access, HIGH confidenti...
EUVD-2026-35557
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-45597
The CVE-2026-45597 issue affects Windows UI Automation Manager (uiamanager.dll). A race condition arises from concurrent execution with improper synchronization on a shared resource, enabling a local, authorized attacker to elevate privileges. Documents confirm the vulnerability type and impact (...
CVE-2026-45597 Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability
...
CVE-2026-42828
CVE-2026-42828 describes a buffer over-read in the Windows Projected File System Filter Driver that allows an authorized attacker to elevate privileges locally . The vulnerability is documented with a CVSS v3.1 base score of 7.8 (High) and is assessed as a Local attack vector with Low attack comp...
CVE-2026-34335
Use-after-free in the Windows Ancillary Function Driver for WinSock is the root cause of CVE-2026-34335. The vulnerability can allow an authenticated, local attacker to elevate privileges. The CVSSv3.1 score is 7.0 (High) with local attack vector, high complexity, and requires low privileges and ...
CVE-2026-33828
CVE-2026-33828 affects Windows Device Health Attestation (DHA). The vulnerability is a trust boundary violation in Windows Attestation that allows an authorized local attacker to elevate privileges. CVSS v3.1 base metrics indicate high impact to confidentiality, integrity, and availability with l...
Windows Push Notifications Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Windows SDK Elevation of Privilege Vulnerability
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally...
Windows Projected File System Elevation of Privilege Vulnerability
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...
Microsoft Kinect Elevation of Privilege Vulnerability
Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally...