CVE-2025-59220

CVE-2025-59220 involves a race condition in the Microsoft Windows Bluetooth Service, caused by improper synchronization of shared resources. The vulnerability enables an authenticated, local attacker to elevate privileges. The connected CNVD entry describes a resource-management error in the Wind...

CVE-2025-59216

CVE-2025-59216 concerns Microsoft Graphics Component, a graphics driver component. The vulnerability arises from a race-condition caused by improper synchronization when accessing a shared resource, enabling a local attacker with low privileges to elevate privileges. Public sources describe the i...

Microsoft Graphics Component 资源管理错误漏洞

Microsoft Graphics Component is a graphics driver component of Microsoft Corporation, USA. A resource management error vulnerability exists in Microsoft Graphics Component, which stems from reuse after release and can be exploited by an attacker to cause a local elevation of privilege...

Microsoft Teams for Desktop < 25163.3611.3774.6315 Elevation of Privilege (July 2025)

The version of Microsoft Teams for Desktop on the remote Windows host is prior to 25163.3611.3774.6315 It is, therefore, affected by an elevation of privilege vulnerability: - Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate...

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. BMC Control-M suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

PHPGurukul Online Library Management System 安全漏洞

Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in the Online Library Management System, which is caused by a flaw in the adminlogin.php component and the Login function, and can be exploited by an attacker to cause an...

Dell PowerProtect Data Manager Elevation of Privilege Vulnerability

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. An elevation of privilege vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20, which stem...

CVE-2025-54913

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows UI XAML Maps MapControlSettings allows an authorized attacker to elevate privileges locally...

CVE-2025-54112

Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...

CVE-2025-54091

Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

CVE-2025-55245

Improper link resolution before file access 'link following' in Xbox allows an authorized attacker to elevate privileges locally...

CVE-2025-54115

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

CVE-2025-54093

Time-of-check time-of-use toctou race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

CVE-2025-54116

Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally...

CVE-2025-54110

Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally...

PT-2025-37114

Name of the Vulnerable Software and Affected Versions: Altiris Core Agent Updater affected versions not specified Description: The Altiris Core Agent Updater package AeXNSC.exe is susceptible to an elevation of privileges issue due to DLL hijacking. Recommendations: At the moment, there is no...

CVE-2025-43722

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

Linux Distros Unpatched Vulnerability : CVE-2017-0490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. This issue is rated as Moderate because it is a...

Linux Distros Unpatched Vulnerability : CVE-2024-43591

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Azure Command Line Integration CLI Elevation of Privilege Vulnerability CVE-2024-43591 Note that Nessus relies on the presence of the package as reported by the...

AxxonSoft AxxonOne 安全漏洞

AxxonSoft AxxonOne is a video surveillance and security management software from AxxonSoft Ireland. A security vulnerability exists in AxxonSoft AxxonOne version 2.0.8 and earlier, which stems from a dependency on vulnerable third-party components in the PostgreSQL backend, and could lead to...