CVSS: 7.0EPSS: 0%CPEs: 12EXPL: 0CVE-2023-51780 – kernel: use-after-free in net/atm/ioctl.c
https://notcve.org/view.php?id=CVE-2023-51780
This issue can allow an attacker to possibly gain unauthorized access, escalate privileges, or cause the system to crash. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8 https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://security.netapp.com/advisory/ntap-20240419-0001 https://access.redhat.com/security/cve/CVE-2023-51780 https://bugzilla.redhat.com/show_bug.cgi?id=2257682 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48670
https://notcve.org/view.php?id=CVE-2023-48670
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. Dell SupportAssist para PCs domésticos versión 3.14.1 y versiones anteriores contienen una vulnerabilidad de escalada de privilegios en el instalador. Un atacante local autenticado con pocos privilegios podría explotar esta vulnerabilidad, lo que llevaría a la ejecución de un ejecutable arbitrario en el sistema operativo con privilegios elevados. • https://www.dell.com/support/kbdoc/en-us/000220677/dsa-2023-468-security-update-for-dell-supportassist-for-home-pcs-installer-file-local-privilege-escalation-vulnerability • CWE-426: Untrusted Search Path •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-6546 – Kernel: gsm multiplexing race condition leads to privilege escalation
https://notcve.org/view.php?id=CVE-2023-6546
An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. • http://www.openwall.com/lists/oss-security/2024/04/10/18 http://www.openwall.com/lists/oss-security/2024/04/10/21 http://www.openwall.com/lists/oss-security/2024/04/11/7 http://www.openwall.com/lists/oss-security/2024/04/11/9 http://www.openwall.com/lists/oss-security/2024/04/12/1 http://www.openwall.com/lists/oss-security/2024/04/12/2 http://www.openwall.com/lists/oss-security/2024/04/16/2 http://www.openwall.com/lists/oss-security/20 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50477
https://notcve.org/view.php?id=CVE-2023-50477
An issue was discovered in nos client version 0.6.6, allows remote attackers to escalate privileges via getRPCEndpoint.js. • https://github.com/nos/client/issues/1485 https://github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-50477.md •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-51588 – Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-51588
Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-23-1893 • CWE-798: Use of Hard-coded Credentials •