CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-48677
https://notcve.org/view.php?id=CVE-2023-48677
Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-5620 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50446
https://notcve.org/view.php?id=CVE-2023-50446
Insufficient permissions on a directory allow any local unprivileged user to escalate privileges to SYSTEM. • https://github.com/mullvad/mullvadvpn-app/pull/5398 https://github.com/mullvad/mullvadvpn-app/releases/tag/2023.6 https://github.com/mullvad/mullvadvpn-app/releases/tag/2023.6-beta1 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49797 – Local Privilege Escalation in pyinstaller on Windows
https://notcve.org/view.php?id=CVE-2023-49797
PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if **all** the following are satisfied: 1. The user runs an application containing either `matplotlib` or `win32com`. 2. The application is ran as administrator (or at least a user with higher privileges than the attacker). 3. • https://github.com/pyinstaller/pyinstaller/pull/7827 https://github.com/pyinstaller/pyinstaller/security/advisories/GHSA-9w2p-rh8c-v9g5 https://github.com/python/cpython/blob/0fb18b02c8ad56299d6a2910be0bab8ad601ef24/Lib/shutil.py#L623 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2K2XIQLEMZIKUQUOWNDYWTEWYQTKMAN7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRWT34FAF23PUOLVZ7RVWBZMWPDR5U7 • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-47254
https://notcve.org/view.php?id=CVE-2023-47254
An OS Command Injection in the CLI interface on DrayTek Vigor167 version 5.2.2, allows remote attackers to execute arbitrary system commands and escalate privileges via any account created within the web interface. • https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-023.txt https://www.syss.de/pentest-blog/command-injection-via-cli-des-draytek-vigor167-syss-2023-023 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48929
https://notcve.org/view.php?id=CVE-2023-48929
The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information. • https://github.com/MatJosephs/CVEs/tree/main/CVE-2023-48929 • CWE-384: Session Fixation •