CVE-2023-6932 – Use-after-free in Linux kernel's ipv4: igmp component
https://notcve.org/view.php?id=CVE-2023-6932
This vulnerability may enable an attacker to provoke an application crash or potentially escalate privileges locally. • http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=e2b706c691905fe78468c361aaabc719d0a496f1 https://kernel.dance/e2b706c691905fe78468c361aaabc719d0a496f1 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://access.redhat.com/security/cve/CVE-2023-6932 https://bugzilla.redhat.com/show_bug.cgi?id=2255283 • CWE-416: Use After Free •
CVE-2023-6931 – Out-of-bounds write in Linux kernel's Performance Events system component
https://notcve.org/view.php?id=CVE-2023-6931
This may lead to a system crash, code execution, or local privilege escalation. • https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=382c27f4ed28f803b1f1473ac2d8db0afc795a1b https://kernel.dance/382c27f4ed28f803b1f1473ac2d8db0afc795a1b https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://access.redhat.com/security/cve/CVE-2023-6931 https://bugzilla.redhat.com/show_bug.cgi?id=2252731 • CWE-787: Out-of-bounds Write •
CVE-2023-50226 – Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-50226
Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://kb.parallels.com/en/125013 https://www.zerodayinitiative.com/advisories/ZDI-23-1805 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2023-49706
https://notcve.org/view.php?id=CVE-2023-49706
Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions of another user. • https://linotp.org/CVE-2023-49706.txt https://linotp.org/security-update-linotp3-selfservice.html https://www.linotp.org/news.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2023-50228 – Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-50228
Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://kb.parallels.com/en/125013 https://www.zerodayinitiative.com/advisories/ZDI-23-1803 • CWE-347: Improper Verification of Cryptographic Signature •