CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2022-1116
https://notcve.org/view.php?id=CVE-2022-1116
17 May 2022 — Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30697 – Local privilege escalation due to insecure folder permissions
https://notcve.org/view.php?id=CVE-2022-30697
16 May 2022 — Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-3082 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30696 – Local privilege escalation due to a DLL hijacking vulnerability
https://notcve.org/view.php?id=CVE-2022-30696
16 May 2022 — Local privilege escalation due to a DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-3081 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30695 – Local privilege escalation due to excessive permissions assigned to child processes
https://notcve.org/view.php?id=CVE-2022-30695
16 May 2022 — Local privilege escalation due to excessive permissions assigned to child processes. • https://security-advisory.acronis.com/advisories/SEC-3080 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 7.3EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28247 – Adobe Acrobat Uninstaller Hard Link Leads To Remote Code Execution
https://notcve.org/view.php?id=CVE-2022-28247
11 May 2022 — Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.2EPSS: 0%CPEs: 39EXPL: 0CVE-2022-0026 – Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2022-0026
11 May 2022 — A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. • https://security.paloaltonetworks.com/CVE-2022-0026 • CWE-282: Improper Ownership Management •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-0025 – Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2022-0025
11 May 2022 — A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. • https://security.paloaltonetworks.com/CVE-2022-0025 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2021-37851 – Local Privilege Escalation in ESET product for Windows
https://notcve.org/view.php?id=CVE-2021-37851
11 May 2022 — Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. • https://support.eset.com/en/ca8268 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23743
https://notcve.org/view.php?id=CVE-2022-23743
11 May 2022 — Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. • https://www.zonealarm.com/software/extreme-security/release-history • CWE-269: Improper Privilege Management CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30523 – Trend Micro Password Manager Link Following Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-30523
11 May 2022 — Trend Micro Password Manager (Consumer) versión 5.0.0.1266 y anteriores, es susceptible a una vulnerabilidad de escalada de privilegios de seguimiento de enlaces que podría permitir a un atacante local con pocos privilegios eliminar el contenido de una carpeta arbitraria como SYSTEM, lo que puede usarse para una escalada de privilegios en el equipo afectado This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Password Manager. ... An attacker can l... • https://helpcenter.trendmicro.com/en-us/article/tmka-09071 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •