Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
4 CRITICAL16 HIGH ⚡ 1 KEV
CVE-2025-24994
HIGH CVSS 7.3
Find Similar
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.010
CVE-2025-24076
HIGH CVSS 7.3
Find Similar
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.010
CVE-2026-27914
HIGH CVSS 7.8
Find Similar
Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.010
CVE-2025-58724
HIGH CVSS 7.8
Find Similar
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.010
CVE-2025-47989
HIGH CVSS 7.0
Find Similar
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.010
CVE-2024-37355
HIGH CVSS 8.5
Find Similar
Improper access control in some Intel(R) Graphics software may allow an authenticated user to potentially enable escalation of privilege via local access.
NVD RRF 0.009
CVE-2025-59230
HIGH CVSS 7.8 KEV
Find Similar
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
microsoft
NVD RRF 0.009
CVE-2026-20967
HIGH CVSS 8.8
Find Similar
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.009
CVE-2025-65041
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.009
CVE-2025-59500
HIGH CVSS 8.8
Find Similar
Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.009
CVE-2026-32171
HIGH CVSS 8.8
Find Similar
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.009
CVE-2026-35430
HIGH CVSS 8.8
Find Similar
Authorization bypass through user-controlled key in Azure Privileged Identity Management (PIM) allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.009
CVE-2026-49161
HIGH CVSS 7.8
Find Similar
Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally.
microsoft
NVD RRF 0.009
CVE-2026-33821
CRITICAL CVSS 9.9
Find Similar
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.009
CVE-2026-33843
CRITICAL CVSS 9.8
Find Similar
Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.009
CVE-2026-23663
HIGH CVSS 7.5
Find Similar
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.008
CVE-2025-30392
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
microsoft
NVD RRF 0.008
← Previous Page 3+ Next →