CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-37987 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37987
11 Oct 2022 — Este ID de CVE es diferente de CVE-2022-37989 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37987 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-37989 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37989
11 Oct 2022 — Este ID de CVE es diferente de CVE-2022-37987 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37989 •
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-37997 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37997
11 Oct 2022 — Este ID de CVE es exclusivo de CVE-2022-38051 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37997 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42717
https://notcve.org/view.php?id=CVE-2022-42717
11 Oct 2022 — An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute arbitrary commands as root. Se ha detectado un problema en Hashicorp Packer versiones anteriores a 2.3.1. La configuración de sudoers recomendada para Vagrant en Linux es insegura. • https://discuss.hashicorp.com/t/hcsec-2022-23-vagrant-nfs-sudoers-configuration-allows-for-local-privilege-escalation/45423 •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42424 – Centreon Poller Broker SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-42424
07 Oct 2022 — This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. ... This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. • https://www.zerodayinitiative.com/advisories/ZDI-22-1395 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42425 – Centreon Poller Broker SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-42425
07 Oct 2022 — This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. ... This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. • https://www.zerodayinitiative.com/advisories/ZDI-22-1396 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42426 – Centreon Poller Broker SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-42426
07 Oct 2022 — This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. ... This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. • https://www.zerodayinitiative.com/advisories/ZDI-22-1397 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42427 – Centreon Contact Group SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-42427
07 Oct 2022 — This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. ... This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. • https://www.zerodayinitiative.com/advisories/ZDI-22-1398 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42428 – Centreon Poller Broker SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-42428
07 Oct 2022 — This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. ... This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. • https://www.zerodayinitiative.com/advisories/ZDI-22-1399 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42429 – Centreon Poller Broker SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-42429
07 Oct 2022 — This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. ... This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. ... An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. • https://www.zerodayinitiative.com/advisories/ZDI-22-1394 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •