CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46914
https://notcve.org/view.php?id=CVE-2023-46914
SQL Injection vulnerability in RM bookingcalendar module for PrestaShop versions 2.7.9 and before, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via ics_export.php. • https://security.friendsofpresta.org/modules/2024/02/06/bookingcalendar.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24303
https://notcve.org/view.php?id=CVE-2024-24303
SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) module for PrestaShop before version 1.4.1, allows remote attackers to escalate privileges and obtain sensitive information via the HiAdvancedGiftWrappingGiftWrappingModuleFrontController::addGiftWrappingCartValue() method. • https://security.friendsofpresta.org/modules/2024/02/06/hiadvancedgiftwrapping.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22239
https://notcve.org/view.php?id=CVE-2024-22239
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access. Aria Operations for Networks contiene una vulnerabilidad de escalada de privilegios local. • https://www.vmware.com/security/advisories/VMSA-2024-0002.html • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22237
https://notcve.org/view.php?id=CVE-2024-22237
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system. Aria Operations for Networks contiene una vulnerabilidad de escalada de privilegios local. • https://www.vmware.com/security/advisories/VMSA-2024-0002.html • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-32479 – Dell Security Management Server Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in installed directory and taking reverse shell of the system leading to Privilege Escalation. ... Un usuario malintencionado local podría explotar esta vulnerabilidad reemplazando los archivos binarios en el directorio instalado y tomando el shell inverso del sistema, lo que provocaría una escalada de privilegios. Dell Security Management Server versions prior to 11.9.0 suffer from a local privilege escalation vulnerability. • https://www.dell.com/support/kbdoc/en-us/000215881/dsa-2023-260 • CWE-284: Improper Access Control •