CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-5847 – Tenable Nessus Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-5847
01 Nov 2023 — Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts. Bajo ciertas condiciones, un atacante con pocos privilegios podría cargar un archivo especialmente manipulado durante la instalación o actualización para escalar privilegios en hosts de Windows y Linux. This vulnerability allows local attackers to escalate privileges on affected installations of Tenable Nessus. An attacker must first obtain... • https://www.tenable.com/security/tns-2023-37 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-37243
https://notcve.org/view.php?id=CVE-2023-37243
31 Oct 2023 — The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges. El archivo C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe se inicia automáticamente como SYSTE... • https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0010.md • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1203
https://notcve.org/view.php?id=CVE-2016-1203
31 Oct 2023 — Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 (Build427) and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may result in a malicious file being downloaded and executed. Vulnerabilidad de verificación de archivos incorrecta en el instalador de SaAT Netizen versión 1.2.0.424 y anteriores, y SaAT Netizen versión 1.2.0.8 (Build427) y anteriores permite que un atacante ... • https://jvn.jp/en/vu/JVNVU97339542 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-44219
https://notcve.org/view.php?id=CVE-2023-44219
27 Oct 2023 — A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature. Una vulnerabilidad de escalada de privilegios local en SonicWall Directory Services Connector Windows MSI client 4.1.21 y versiones anteriores permite a un usuario local con pocos privilegios obtener permisos del sistema mediante la ejecución de la función de recuperación. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0016 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-34058 – open-vm-tools: SAML token signature bypass
https://notcve.org/view.php?id=CVE-2023-34058
27 Oct 2023 — VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c... • http://www.openwall.com/lists/oss-security/2023/10/27/1 • CWE-347: Improper Verification of Cryptographic Signature CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-38041
https://notcve.org/view.php?id=CVE-2023-38041
25 Oct 2023 — A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system. Un usuario que haya iniciado sesión puede elevar sus permisos abusando de una condición de ejecución de Tiempo de Check a Tiempo de Uso (TOCTOU). Cuando se inicia un flujo de proceso particular, un atacante puede aprovechar esta condición para obtener... • https://github.com/ewilded/CVE-2023-38041-POC • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-5727 – Gentoo Linux Security Advisory 202402-25
https://notcve.org/view.php?id=CVE-2023-5727
24 Oct 2023 — The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. La advertencia de archivo ejecutable no se presentó al descargar archivos .msix, .msixbundle, .appx, y .appxbundle, que pueden ejecutar comandos en el ordenador de ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1847180 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-45883
https://notcve.org/view.php?id=CVE-2023-45883
19 Oct 2023 — A privilege escalation vulnerability exists within the Qumu Multicast Extension v2 before 2.0.63 for Windows. When a standard user triggers a repair of the software, a pop-up window opens with SYSTEM privileges. Standard users may use this to gain arbitrary code execution as SYSTEM. Existe una vulnerabilidad de escalada de privilegios en Qumu Multicast Extension v2 anterior a 2.0.63 para Windows. Cuando un usuario estándar inicia una reparación del software, se abre una ventana emergente con privilegios de ... • https://hackandpwn.com/disclosures/CVE-2023-45883.pdf • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4601 – Stack-based Buffer Overflow in NI System Configuration Software
https://notcve.org/view.php?id=CVE-2023-4601
18 Oct 2023 — A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and all previous versions. Existe una vulnerabilidad de desbordamiento del búfer basada en pila en NI System Configuration que podría resultar en la divulgación de información y/o la ejecución de código arbitrario. La ex... • https://www.ni.com/en/support/documentation/supplemental/23/stack-based-buffer-overflow-in-ni-system-configuration.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-43891 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2022-43891
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 240454. IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría usarse en futuros ataques ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/240454 • CWE-209: Generation of Error Message Containing Sensitive Information •