CVSS: 6.7EPSS: 0%CPEs: 23EXPL: 0CVE-2023-32877
https://notcve.org/view.php?id=CVE-2023-32877
02 Jan 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32872
https://notcve.org/view.php?id=CVE-2023-32872
02 Jan 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47458
https://notcve.org/view.php?id=CVE-2023-47458
02 Jan 2024 — An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework. • http://springblade.com • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41542
https://notcve.org/view.php?id=CVE-2023-41542
30 Dec 2023 — SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component. • https://pho3n1x-web.github.io/2023/09/15/CVE-2023-41542%28JeecgBoot_sql%29 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-41543
https://notcve.org/view.php?id=CVE-2023-41543
30 Dec 2023 — SQL injection vulnerability in jeecg-boot v3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the component /sys/replicate/check. • https://mp.weixin.qq.com/s/q6R-kaN4XS5d_cgWtq46vw • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.0EPSS: 0%CPEs: 12EXPL: 0CVE-2023-51780 – kernel: use-after-free in net/atm/ioctl.c
https://notcve.org/view.php?id=CVE-2023-51780
25 Dec 2023 — This issue can allow an attacker to possibly gain unauthorized access, escalate privileges, or cause the system to crash. ... A local attacker could possibly use this to cause a denial of service. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48670
https://notcve.org/view.php?id=CVE-2023-48670
22 Dec 2023 — Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. ... Un atacante local autenticado con pocos privilegios podría explotar esta vulnerabilidad, lo que llevaría a la ejecución de un ejecutable arbitrario en el sistema ... • https://www.dell.com/support/kbdoc/en-us/000220677/dsa-2023-468-security-update-for-dell-supportassist-for-home-pcs-installer-file-local-privilege-escalation-vulnerability • CWE-426: Untrusted Search Path •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-6546 – Kernel: gsm multiplexing race condition leads to privilege escalation
https://notcve.org/view.php?id=CVE-2023-6546
21 Dec 2023 — This could allow a local unprivileged user to escalate their privileges on the system. ... Esto podría permitir que un usuario local sin privilegios aumente sus privilegios en el sistema. This vulnerability allows local attackers to execute arbitrary code on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. ... Issues addressed include a privilege es... • http://www.openwall.com/lists/oss-security/2024/04/10/18 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50477
https://notcve.org/view.php?id=CVE-2023-50477
21 Dec 2023 — An issue was discovered in nos client version 0.6.6, allows remote attackers to escalate privileges via getRPCEndpoint.js. • https://github.com/nos/client/issues/1485 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51577 – Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-51577
20 Dec 2023 — Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. ... An attacker can leverage this vulnerability to escalate privileges ... • https://www.zerodayinitiative.com/advisories/ZDI-23-1883 • CWE-749: Exposed Dangerous Method or Function •