CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2023-32838
https://notcve.org/view.php?id=CVE-2023-32838
06 Nov 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2023-32837 – mtk-jpeg Driver Out-Of-Bounds Read / Write
https://notcve.org/view.php?id=CVE-2023-32837
06 Nov 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. ... An out-of-bounds read / write due to missing bounds check in the mtk-jpeg driver can lead to memory corruption and potential escalation of privileges. • https://packetstorm.news/files/id/175665 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2023-32836
https://notcve.org/view.php?id=CVE-2023-32836
06 Nov 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2023-32835
https://notcve.org/view.php?id=CVE-2023-32835
06 Nov 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 50EXPL: 0CVE-2023-32834
https://notcve.org/view.php?id=CVE-2023-32834
06 Nov 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 13EXPL: 0CVE-2023-32818
https://notcve.org/view.php?id=CVE-2023-32818
06 Nov 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.0EPSS: 0%CPEs: 11EXPL: 1CVE-2023-32832 – Android mtk_jpeg Driver Race Condition / Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-32832
06 Nov 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. ... A race condition in the Android mtk_jpeg driver can lead to memory corruption and potential local privilege escalation. • http://packetstormsecurity.com/files/175662/Android-mtk_jpeg-Driver-Race-Condition-Privilege-Escalation.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41726 – Ivanti Avalanche Incorrect Default Permissions Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-41726
03 Nov 2023 — Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability Los permisos predeterminados incorrectos de Ivanti Avalanche permiten una vulnerabilidad de escalada de privilegios locales This vulnerability allows local attackers to escalate privileges on affected installations of Ivanti Avalanche. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the contex... • https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41725 – Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-41725
03 Nov 2023 — Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability Vulnerabilidad de escalada de privilegios locales de carga de archivos sin restricciones de Ivanti Avalanche EnterpriseServer Service This vulnerability allows local attackers to escalate privileges on affected installations of Ivanti Avalanche. ... An attacker can leverage this vulnerability to escalate privileges and execute arbit... • https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43554 – Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-43554
03 Nov 2023 — Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability Vulnerabilidad de escalada de privilegios locales de autenticación faltante de Ivanti Avalanche Smart Device Service This vulnerability allows local attackers to escalate privileges on affected installations of Ivanti Avalanche. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the contex... • https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt • CWE-306: Missing Authentication for Critical Function •