CVE-2021-28411
https://notcve.org/view.php?id=CVE-2021-28411
An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. • https://github.com/lerry903/RuoYi/issues/20 • CWE-269: Improper Privilege Management •
CVE-2023-36900 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36900
Windows Common Log File System Driver Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. • https://github.com/RomanRybachek/CVE-2023-36900 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36900 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-35359 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35359
Windows Kernel Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of a high-privileged service account. • http://packetstormsecurity.com/files/174528/Microsoft-Windows-Privilege-Escalation.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359 • CWE-23: Relative Path Traversal •
CVE-2023-27411
https://notcve.org/view.php?id=CVE-2023-27411
This could allow an authenticated remote attackers to execute arbitrary SQL queries on the server database and escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-472630.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-39520 – Cryptomator vulnerable to Local Elevation of Privileges
https://notcve.org/view.php?id=CVE-2023-39520
The MSI installer provided on the homepage for Cryptomator version 1.9.2 allows local privilege escalation for low privileged users, via the `repair` function. • https://github.com/cryptomator/cryptomator/commit/727c32ad50c3901a6144a11cf984a3b7ebcf8b2b https://github.com/cryptomator/cryptomator/releases/download/1.9.2/Cryptomator-1.9.2-x64.msi https://github.com/cryptomator/cryptomator/releases/tag/1.9.3 https://github.com/cryptomator/cryptomator/security/advisories/GHSA-62gx-54j7-mjh3 • CWE-269: Improper Privilege Management •