CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-36804 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36804
12 Sep 2023 — Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36804 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38161 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38161
12 Sep 2023 — Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38161 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38144 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38144
12 Sep 2023 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Controlador del Sistema de Windows Common Log File This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38144 • CWE-126: Buffer Over-read •
CVSS: 8.1EPSS: 1%CPEs: 5EXPL: 0CVE-2023-38155 – Azure DevOps Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-38155
12 Sep 2023 — Azure DevOps Server Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código del Servidor Azure DevOps This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Azure DevOps Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38155 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-35687
https://notcve.org/view.php?id=CVE-2023-35687
11 Sep 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de privilegios de ejecución adicionales. • https://github.com/pazhanivel07/frameworks_av_AOSP_10_r33_CVE-2023-35687_CVE-2023-35679 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35682
https://notcve.org/view.php?id=CVE-2023-35682
11 Sep 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de privilegios de ejecución adicionales. • https://android.googlesource.com/platform/packages/apps/Launcher3/+/09f8b0e52e45a0b39bab457534ba2e5ae91ffad0 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-35676
https://notcve.org/view.php?id=CVE-2023-35676
11 Sep 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de privilegios de ejecución adicionales. • https://android.googlesource.com/platform/frameworks/base/+/109e58b62dc9fedcee93983678ef9d4931e72afa • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2023-35674 – Android Framework Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-35674
11 Sep 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de privilegios de ejecución adicionales. ... Android Framework contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/Thampakon/CVE-2023-35674 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35670
https://notcve.org/view.php?id=CVE-2023-35670
11 Sep 2023 — In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. ... En ComputeValuesFromData de FileUtils.java, existe una forma posible de insertar archivos en directorios privados externos de otras aplicaciones debido a un error de path traversal. Esto podría conducir a una escalada... • https://android.googlesource.com/platform/packages/providers/MediaProvider/+/db3c69afcb0a45c8aa2f333fcde36217889899fe • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35669
https://notcve.org/view.php?id=CVE-2023-35669
11 Sep 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de privilegios de ejecución adicionales. • https://android.googlesource.com/platform/frameworks/base/+/f810d81839af38ee121c446105ca67cb12992fc6 • CWE-502: Deserialization of Untrusted Data •