Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
Buscar noticias
Total: 3456
Microsoft
CVE-2026-20848 CVSS 7.5
2026-01-13 08:00 UTC · 2026-01-13 05:00 -03
Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.
Microsoft
CVE-2026-20849 CVSS 7.5
2026-01-13 08:00 UTC · 2026-01-13 05:00 -03
CVE-2026-20854 Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability
⚠️ Importante
Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.
Microsoft
CVE-2026-20854 CVSS 7.5
2026-01-13 08:00 UTC · 2026-01-13 05:00 -03
CVE-2026-20856 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
⚠️ Importante
Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
Microsoft
CVE-2026-20856 CVSS 8.1
2026-01-13 08:00 UTC · 2026-01-13 05:00 -03
CVE-2026-20860 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
⚠️ Importante
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Microsoft
CVE-2026-20860 CVSS 7.8
2026-01-13 08:00 UTC · 2026-01-13 05:00 -03