CVSS: 8.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-2334 – Softing Secure Integration Server Uncontrolled Search Path Element
https://notcve.org/view.php?id=CVE-2022-2334
17 Aug 2022 — This vulnerability allows remote attackers to escalate privileges on affected installations of Softing Secure Integration Server. • https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 4CVE-2022-31262
https://notcve.org/view.php?id=CVE-2022-31262
17 Aug 2022 — An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. • https://github.com/secure-77/CVE-2022-31262 • CWE-281: Improper Preservation of Permissions •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28756 – Local Privilege Escalation in Auto Updater for Zoom Client for Meetings for macOS
https://notcve.org/view.php?id=CVE-2022-28756
15 Aug 2022 — The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root. Zoom Client for Meetings para macOS (estándar y para IT Admin) a partir de la versión 5.7.3 y anteriores a 5.11.5, contiene una vulnerabilidad en el proceso de actualización automática. Un usuario local poco privilegiado podría aprovechar esta vul... • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26696 – Apple macOS LaunchServices Sandbox Escape Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-26696
15 Aug 2022 — An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user. • https://support.apple.com/en-us/HT213257 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2585 – kernel: posix cpu timer use-after-free may lead to local privilege escalation
https://notcve.org/view.php?id=CVE-2022-2585
11 Aug 2022 — It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. Se descubrió que al ejecutar desde un subproceso no líder, los temporizadores de CPU POSIX armados se dejaban en una lista pero se liberaban, lo que generaba un use-after-free. A use-after-free flaw was found in the Linux kernel’s POSIX CPU timers functionality in the way a user creates and then deletes the timer in the non-leader thread of the program. This f... • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 2CVE-2022-2586 – Linux Kernel Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-2586
10 Aug 2022 — This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 9CVE-2022-2588 – Linux Kernel route4_change Double Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-2588
10 Aug 2022 — This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://github.com/ASkyeye/2022-LPE-UAF • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31672
https://notcve.org/view.php?id=CVE-2022-31672
09 Aug 2022 — A malicious actor with administrative network access can escalate privileges to root. • https://www.vmware.com/security/advisories/VMSA-2022-0022.html •
CVSS: 8.8EPSS: 0%CPEs: 30EXPL: 0CVE-2022-35820 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-35820
09 Aug 2022 — Windows Bluetooth Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios de Windows Bluetooth Driver This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35820 •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-34703 – Windows Partition Management Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-34703
09 Aug 2022 — Este ID de CVE es diferente de CVE-2022-33670 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34703 •