CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-21310 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21310
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador del minifiltro de archivos en la nube de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21310 • CWE-197: Numeric Truncation Error •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6631 – Subnet Solutions Inc. PowerSYSTEM Center Unquoted Search Path or Element
https://notcve.org/view.php?id=CVE-2023-6631
PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges. • https://subnet.com/contact https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-01 • CWE-428: Unquoted Search Path or Element •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-47145 – IBM Db2 for Windows privilege escalation
https://notcve.org/view.php?id=CVE-2023-47145
IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270402 https://security.netapp.com/advisory/ntap-20240307-0003 https://www.ibm.com/support/pages/node/7105500 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-50612
https://notcve.org/view.php?id=CVE-2023-50612
Insecure Permissions vulnerability in fit2cloud Cloud Explorer Lite version 1.4.1, allow local attackers to escalate privileges and obtain sensitive information via the cloud accounts parameter. • https://github.com/yaowenxiao721/CloudExplorer-Lite-v1.4.1-vulnerability-BOPLA • CWE-276: Incorrect Default Permissions •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-50027
https://notcve.org/view.php?id=CVE-2023-50027
SQL Injection vulnerability in Buy Addons baproductzoommagnifier module for PrestaShop versions 1.0.16 and before, allows remote attackers to escalate privileges and gain sensitive information via BaproductzoommagnifierZoomModuleFrontController::run() method. • https://security.friendsofpresta.org/modules/2023/12/19/baproductzoommagnifier.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •