Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.
Improper input validation in the UEFI firmware DXE module for the Intel(R) Server D50DNP and M50FCP boards may allow a privileged user to potentially enable escalation of privilege via local access.
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.