CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-31877
https://notcve.org/view.php?id=CVE-2022-31877
28 Nov 2022 — An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet. • http://msi.com • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 9.0EPSS: 0%CPEs: 9EXPL: 0CVE-2022-36960 – SolarWinds Platform Improper Input Validation
https://notcve.org/view.php?id=CVE-2022-36960
23 Nov 2022 — This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-4_release_notes.htm • CWE-20: Improper Input Validation CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2CVE-2022-3910 – Use after free in IO_uring in the Linux Kernel
https://notcve.org/view.php?id=CVE-2022-3910
22 Nov 2022 — An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). ... An improper Update of Refere... • https://github.com/veritas501/CVE-2022-3910 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45422
https://notcve.org/view.php?id=CVE-2022-45422
21 Nov 2022 — When LG SmartShare is installed, local privilege escalation is possible through DLL Hijacking attack. • https://lgsecurity.lge.com/bulletins/pc • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.8EPSS: 0%CPEs: 71EXPL: 0CVE-2022-40772 – ManageEngine ServiceDesk Plus MSP generateSQLReport Improper Input Validation Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-40772
21 Nov 2022 — This vulnerability allows remote attackers to escalate privileges on affected installations of ManageEngine ServiceDesk Plus MSP. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://manageengine.com •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-44651 – Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-44651
21 Nov 2022 — A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000291770 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-44647 – Trend Micro Apex One Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-44647
21 Nov 2022 — An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000291770 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-44648 – Trend Micro Apex One Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-44648
21 Nov 2022 — An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000291770 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-44649 – Trend Micro Apex One Unauthorized Change Prevention Service Out-Of-Bounds Access Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-44649
21 Nov 2022 — This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000291770 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-44650 – Trend Micro Apex One Unauthorized Change Prevention Service Memory Corruption Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-44650
21 Nov 2022 — This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000291770 • CWE-787: Out-of-bounds Write •