CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42122 – Control Web Panel wloggui Command Injection Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-42122
Control Web Panel wloggui Command Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Control Web Panel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. ... This vulnerability allows local attackers to escalate privileges on affected installations of Control Web Panel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-23-1479 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-43320 – Proxmox VE 7.4-1 TOTP Brute Force
https://notcve.org/view.php?id=CVE-2023-43320
An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated attacker to escalate privileges via bypassing the two-factor authentication component. • http://packetstormsecurity.com/files/176967/Proxmox-VE-7.4-1-TOTP-Brute-Force.html https://bugzilla.proxmox.com/show_bug.cgi?id=4579 https://bugzilla.proxmox.com/show_bug.cgi?id=4584 https://github.com/proxmox/proxmox-rs/commit/50b793db8d3421bbfe2bce060a486263f18a90cb •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42124 – Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-42124
This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity. ... This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. ... This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity. • https://www.zerodayinitiative.com/advisories/ZDI-23-1474 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42125 – Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-42125
This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. ... This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-23-1475 • CWE-706: Use of Incorrectly-Resolved Name or Reference •
CVSS: 6.7EPSS: 0%CPEs: 8EXPL: 0CVE-2023-34043
https://notcve.org/view.php?id=CVE-2023-34043
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. • https://www.vmware.com/security/advisories/VMSA-2023-0020.html • CWE-269: Improper Privilege Management •