CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-47254
https://notcve.org/view.php?id=CVE-2023-47254
09 Dec 2023 — An OS Command Injection in the CLI interface on DrayTek Vigor167 version 5.2.2, allows remote attackers to execute arbitrary system commands and escalate privileges via any account created within the web interface. • https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-023.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48421
https://notcve.org/view.php?id=CVE-2023-48421
08 Dec 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48420
https://notcve.org/view.php?id=CVE-2023-48420
08 Dec 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48414
https://notcve.org/view.php?id=CVE-2023-48414
08 Dec 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48409
https://notcve.org/view.php?id=CVE-2023-48409
08 Dec 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48407
https://notcve.org/view.php?id=CVE-2023-48407
08 Dec 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2023-12-01 •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48406
https://notcve.org/view.php?id=CVE-2023-48406
08 Dec 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48405
https://notcve.org/view.php?id=CVE-2023-48405
08 Dec 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://source.android.com/security/bulletin/pixel/2023-12-01 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48402
https://notcve.org/view.php?id=CVE-2023-48402
08 Dec 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2023-12-01 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48929
https://notcve.org/view.php?id=CVE-2023-48929
08 Dec 2023 — The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information. • https://github.com/MatJosephs/CVEs/tree/main/CVE-2023-48929 • CWE-384: Session Fixation •