CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46348
https://notcve.org/view.php?id=CVE-2023-46348
SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods. • https://security.friendsofpresta.org/modules/2023/12/07/sturls.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48925
https://notcve.org/view.php?id=CVE-2023-48925
SQL injection vulnerability in Buy Addons bavideotab before version 1.0.6, allows attackers to escalate privileges and obtain sensitive information via the component BaVideoTabSaveVideoModuleFrontController::run(). • https://security.friendsofpresta.org/modules/2023/12/07/bavideotab.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-45170 – IBM AIX privilege escalation
https://notcve.org/view.php?id=CVE-2023-45170
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piobe command to escalate privileges or cause a denial of service. • https://exchange.xforce.ibmcloud.com/vulnerabilities/267968 https://www.ibm.com/support/pages/node/7095022 •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-45174 – IBM AIX privilege escalation
https://notcve.org/view.php?id=CVE-2023-45174
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service. • https://exchange.xforce.ibmcloud.com/vulnerabilities/267972 https://www.ibm.com/support/pages/node/7095022 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2023-49147 – PDF24 Creator 11.15.1 Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-49147
PDF24 Creator versions 11.15.1 and below suffer from a local privilege escalation vulnerability via the MSI installer. • http://packetstormsecurity.com/files/176206/PDF24-Creator-11.15.1-Local-Privilege-Escalation.html http://seclists.org/fulldisclosure/2023/Dec/18 https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-pdf24-creator-geek-software-gmbh •