CVE-2023-34057
https://notcve.org/view.php?id=CVE-2023-34057
27 Oct 2023 — VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine. • https://www.vmware.com/security/advisories/VMSA-2023-0024.html • CWE-269: Improper Privilege Management •
CVE-2023-5622 – Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-5622
26 Oct 2023 — Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file. ... This vulnerability allows local attackers to escalate privileges on affected installations of Tenable Nessus Network Monitor. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.tenable.com/security/tns-2023-34 • CWE-269: Improper Privilege Management •
CVE-2023-5574 – Xorg-x11-server: use-after-free bug in damagedestroy
https://notcve.org/view.php?id=CVE-2023-5574
25 Oct 2023 — If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service. ... This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/errata/RHSA-2024:2298 • CWE-416: Use After Free •
CVE-2023-5380 – Xorg-x11-server: use-after-free bug in destroywindow
https://notcve.org/view.php?id=CVE-2023-5380
25 Oct 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. ... An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. • https://access.redhat.com/errata/RHSA-2023:7428 • CWE-416: Use After Free •
CVE-2023-5367 – Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty
https://notcve.org/view.php?id=CVE-2023-5367
25 Oct 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. ... An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. • https://access.redhat.com/errata/RHSA-2023:6802 • CWE-787: Out-of-bounds Write •
CVE-2023-5717 – Out-of-bounds write in Linux kernel's Linux Kernel Performance Events (perf) component
https://notcve.org/view.php?id=CVE-2023-5717
25 Oct 2023 — A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. ... This issue may lead to a system crash, code execution, or local privilege escalation... • https://github.com/uthrasri/CVE-2023-5717 • CWE-787: Out-of-bounds Write •
CVE-2023-44794
https://notcve.org/view.php?id=CVE-2023-44794
25 Oct 2023 — An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL. • https://github.com/dromara/Sa-Token/issues/515 • CWE-284: Improper Access Control •
CVE-2023-46584
https://notcve.org/view.php?id=CVE-2023-46584
25 Oct 2023 — SQL Injection vulnerability in PHPGurukul Nipah virus (NiV) Testing Management System v.1.0 allows a remote attacker to escalate privileges via a crafted request to the new-user-testing.php endpoint. • https://github.com/rumble773/sec-research/blob/main/NiV/CVE-2023-46584.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-43506 – Local Privilege Escalation in ClearPass OnGuard Linux Agent
https://notcve.org/view.php?id=CVE-2023-43506
24 Oct 2023 — A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt • CWE-269: Improper Privilege Management •
CVE-2023-45990
https://notcve.org/view.php?id=CVE-2023-45990
24 Oct 2023 — Insecure Permissions vulnerability in WenwenaiCMS v.1.0 allows a remote attacker to escalate privileges. • https://github.com/PwnCYN/Wenwenai/issues/2 • CWE-276: Incorrect Default Permissions •