CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0633 – In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in LPE
https://notcve.org/view.php?id=CVE-2023-0633
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation (LPE).This issue affects Docker Desktop: before 4.12.0. En Docker Desktop en Windows anterior a 4.12.0, una inyección de argumento en el instalador puede provocar una escalada de privilegios local (LPE). • https://docs.docker.com/desktop/release-notes/#4120 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0627 – Docker Desktop 4.11.x allows --no-windows-containers flag bypass
https://notcve.org/view.php?id=CVE-2023-0627
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation (LPE).This issue affects Docker Desktop: 4.11.X. Docker Desktop 4.11.x permite omitir el indicador --no-windows-containers a través de la suplantación de respuesta de IPC, lo que puede provocar una escalada de privilegios locales (LPE). • https://docs.docker.com/desktop/release-notes/#4120 • CWE-501: Trust Boundary Violation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41419 – python-gevent: privilege escalation via a crafted script to the WSGIServer component
https://notcve.org/view.php?id=CVE-2023-41419
An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component. • https://github.com/gevent/gevent/commit/2f53c851eaf926767fbac62385615efd4886221c https://github.com/gevent/gevent/issues/1989 https://access.redhat.com/security/cve/CVE-2023-41419 https://bugzilla.redhat.com/show_bug.cgi?id=2240651 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43766
https://notcve.org/view.php?id=CVE-2023-43766
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. • https://www.withsecure.com/en/support/security-advisories https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn4 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-41992 – Apple Multiple Products Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-41992
Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation. • https://support.apple.com/en-us/HT213927 https://support.apple.com/en-us/HT213931 https://support.apple.com/en-us/HT213932 • CWE-754: Improper Check for Unusual or Exceptional Conditions •