CVE-2023-48861
https://notcve.org/view.php?id=CVE-2023-48861
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll. • https://github.com/xieqiang11/POC4/blob/main/README.md • CWE-427: Uncontrolled Search Path Element •
CVE-2023-45253
https://notcve.org/view.php?id=CVE-2023-45253
An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library. • https://www.xlent.no/aktuelt/security-disclosure-of-vulnerabilities-cve-2023-45252-and-cve-2023-45253 • CWE-269: Improper Privilege Management •
CVE-2023-45252
https://notcve.org/view.php?id=CVE-2023-45252
DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges. • https://www.xlent.no/aktuelt/security-disclosure-of-vulnerabilities-cve-2023-45252-and-cve-2023-45253 • CWE-427: Uncontrolled Search Path Element •
CVE-2023-41807 – Linux Local Privilege Escalation Via GoTTY Page
https://notcve.org/view.php?id=CVE-2023-41807
Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows a user to escalate permissions on the system shell. This issue affects Pandora FMS: from 700 through 773. Vulnerabilidad de Gestión de Privilegios inadecuada en todo Pandora FMS permite Escalada de Privilegios. Esta vulnerabilidad permite a un usuario escalar permisos en el shell del sistema. • https://pandorafms.com/en/security/common-vulnerabilities-and-exposures • CWE-269: Improper Privilege Management •
CVE-2021-37942 – APM Java Agent Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2021-37942
A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. • https://discuss.elastic.co/t/apm-java-agent-security-update/291355 https://www.elastic.co/community/security • CWE-269: Improper Privilege Management •