Search CVEs

Top 20 matches Showing top matches — use filters or a more specific query to narrow

CVE-2025-25004

HIGH CVSS 7.3

Find Similar

Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-35433

HIGH CVSS 7.3

Find Similar

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally.

microsoft

CVE-2026-47280

CRITICAL CVSS 9.8

Find Similar

Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2026-32076

HIGH CVSS 7.8

Find Similar

Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-32174

HIGH CVSS 8.8

Find Similar

Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-27914

HIGH CVSS 7.8

Find Similar

Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-47292

HIGH CVSS 7.8

Find Similar

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.

microsoft

CVE-2025-47179

MEDIUM CVSS 6.7

Find Similar

Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-33834

HIGH CVSS 7.8

Find Similar

Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-32181

MEDIUM CVSS 5.5

Find Similar

Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.

microsoft

CVE-2026-49161

HIGH CVSS 7.8

Find Similar

Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally.

microsoft

CVE-2026-40417

HIGH CVSS 7.8

Find Similar

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-40419

HIGH CVSS 7.8

Find Similar

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-40418

HIGH CVSS 7.8

Find Similar

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-35436

HIGH CVSS 8.8

Find Similar

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-40408

HIGH CVSS 7.8

Find Similar

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2026-35415

HIGH CVSS 7.8

Find Similar

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

microsoft

CVE-2025-47966

CRITICAL CVSS 9.8

Find Similar

Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.

microsoft

CVE-2026-40371

HIGH CVSS 8.8

Find Similar

Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to elevate privileges over a network.

microsoft

CVE-2026-42829

HIGH CVSS 7.8

Find Similar

Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally.

microsoft

← Previous Page 2+ Next →