Weaknesses of type CWE-59
622 resultsCVE-2023-36394HIGHWindows Search Service Elevation of Privilege VulnerabilityEPSS 6.7%CVE-2025-21204HIGHWindows Process Activation Elevation of Privilege VulnerabilityEPSS 6.4%CVE-2019-1069HIGHTask Scheduler Elevation of Privilege VulnerabilityEPSS 6.2%KEVCVE-2018-10897HIGHA directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configurEPSS 5.7%CVE-2020-5738—Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a sEPSS 5.4%CVE-2025-60710HIGHHost Process for Windows Tasks Elevation of Privilege VulnerabilityEPSS 4.6%KEVCVE-2024-20656HIGHVisual Studio Elevation of Privilege VulnerabilityEPSS 3.9%CVE-2016-9602HIGHQemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use thiEPSS 3.8%CVE-2019-1188HIGHLNK Remote Code Execution VulnerabilityEPSS 3.8%CVE-2019-1385HIGHAn elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resultiEPSS 3.6%KEVCVE-2019-1315HIGHAn elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error ReportEPSS 3.5%KEVCVE-2025-21420HIGHWindows Disk Cleanup Tool Elevation of Privilege VulnerabilityEPSS 3.4%CVE-2026-50656HIGHMicrosoft Defender Elevation of Privilege VulnerabilityEPSS 3.4%CVE-2021-37701HIGHArbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic linksEPSS 3.3%CVE-2018-14651HIGHIt was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, aEPSS 3.2%CVE-2026-25187HIGHWinlogon Elevation of Privilege VulnerabilityEPSS 3.2%CVE-2026-45586HIGHWindows Collaborative Translation Framework (CTFMON) Elevation of Privilege VulnerabilityEPSS 3.0%CVE-2020-0638HIGHAn elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an atEPSS 3.0%KEVCVE-2022-21919HIGHWindows User Profile Service Elevation of Privilege VulnerabilityEPSS 2.9%KEVCVE-2010-4226HIGHcpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symliEPSS 2.9%