IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
Microsoft Common Log File System Elevation of Privilege Vulnerability
Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.
Windows Installer Elevation of Privilege Vulnerability
NTFS Elevation of Privilege Vulnerability
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Windows Authentication Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Windows USB Print Driver Elevation of Privilege Vulnerability
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability
Windows Desktop Bridge Elevation of Privilege Vulnerability
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Win32k Elevation of Privilege Vulnerability
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Improper permissions in the installer for the ITE Tech* Consumer Infrared Driver for Windows 10 versions before 5.4.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30430, Acronis Cyber Protect 15 (Windows) before build 30984.
Win32k Elevation of Privilege Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Visual Studio Elevation of Privilege Vulnerability
Windows Subsystem for Linux Elevation of Privilege Vulnerability
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Cryptographic Services Remote Code Execution Vulnerability
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
Windows Update Medic Service Elevation of Privilege Vulnerability
Windows SMB Elevation of Privilege Vulnerability
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified "actions," aka "Windows Kernel Handle Validation Vulnerability."
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2.
Windows Bind Filter Driver Elevation of Privilege Vulnerability
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.
Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.