5025 matches found
CVE-2026-21522
Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...
CVE-2026-21246
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...
CVE-2026-21517
Improper link resolution before file access 'link following' in Windows App for Mac allows an authorized attacker to elevate privileges locally...
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Windows HTTP.sys Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally...
Windows Graphics Component Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...
PT-2026-7340
Name of the Vulnerable Software and Affected Versions Windows Ancillary Function Driver for WinSock affected versions not specified Description An elevation-of-privilege issue exists in the Windows Ancillary Function Driver for WinSock, potentially allowing an attacker to elevate privileges...
KB5075970: Windows Server 2012 R2 Security Update (February 2026)
The remote Windows host is missing security update 5075970. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Heap-based buffer overflow in Microso...
KB5075906: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (February 2026)
The remote Windows host is missing security update 5075906. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Access of resource using incompatible...
CVE-2026-21419
Dell Display and Peripheral Manager Windows versions prior to 2.2 contain an Improper Link Resolution Before File Access 'Link Following' vulnerability in the Installer and Service. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of...
KeepSolid VPN Unlimited 代码问题漏洞
KeepSolid VPN Unlimited is a VPN proxy software developed by the American company KeepSolid. Version 6.1 of KeepSolid VPN Unlimited contains a code vulnerability. This vulnerability stems from an unquoted service path vulnerability. Attackers can exploit this vulnerability by replacing the servic...
CVE-2025-13918
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are...
CVE-2025-46691
Dell PremierColor Panel Driver (versions prior to 1.0.0.1 A01) contains an Improper Access Control vulnerability that could enable a local, low-privilege attacker to achieve Elevation of Privileges. Remediation: update to version 1.0.0.1 A01 or later.
CVE-2025-13918 Elevation of Privileges in Symantec Endpoint Protection Windows Client
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are...
CVE-2025-13918
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are...
PT-2026-5142
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are...
Dell PremierColor Panel Driver 访问控制错误漏洞
Dell PremierColor Panel Driver is a high-end monitor color management system from Dell USA. An Access Control Error vulnerability exists in Dell PremierColor Panel Driver versions prior to 1.0.0.1 A01, which stems from improper access control and can be exploited by an attacker to cause elevation...
CVE-2026-21417
Dell CloudBoost Virtual Appliance, versions prior to 19.14.0.0, contains a Plaintext Storage of Password vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
Wondershare Driver Install Service 代码问题漏洞
Wondershare Driver Install Service is an auxiliary background service program from China Wondershare. A code issue vulnerability exists in Wondershare Driver Install Service, which stems from an unquoted service path, and can be exploited by an attacker to cause an elevation of privilege...
CVE-2026-24306
Improper access control in Azure Front Door AFD allows an unauthorized attacker to elevate privileges over a network...