CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2023-4206 – Use-after-free in Linux kernel's net/sched: cls_route component
https://notcve.org/view.php?id=CVE-2023-4206
06 Sep 2023 — A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation. ... Una vulnerabilidad de use-after-free en el componente net/sched: cls_route del kernel de Linux se puede explotar para lograr una escalada de privilegios local. ... A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system. ... Several vulnerabilities have been discovered in... • https://github.com/hshivhare67/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-32428
https://notcve.org/view.php?id=CVE-2023-32428
06 Sep 2023 — This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges. Este problema se solucionó con un mejor manejo de archivos. Este problema se ha solucionado en macOS Ventura 13.4, tvOS 16.5, iOS 16.5, iPadOS 16.5 y watchOS 9.5. • https://github.com/gergelykalman/CVE-2023-32428-a-macOS-LPE-via-MallocStackLogging •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4487 – GE Digital CIMPLICITY Process Control
https://notcve.org/view.php?id=CVE-2023-4487
05 Sep 2023 — GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software. GE CIMPLICITY 2023 contiene una vulnerabilidad de control de procesos, que podría permitir a un atacante local insertar archivos de configuración maliciosos en la ruta de ejecución esperada del servidor web para escalar privilegios y ob... • https://digitalsupport.ge.com/s/article/GE-Digital-CIMPLICITY-Privilege-Escalation-Vulnerability • CWE-114: Process Control •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-39365 – Unchecked regular expressions can lead to SQL Injection and data leakage in Cacti
https://notcve.org/view.php?id=CVE-2023-39365
05 Sep 2023 — This vulnerability allows remote attackers to bypass authentication or escalate privileges on affected installations of Cacti. • https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2202
https://notcve.org/view.php?id=CVE-2015-2202
05 Sep 2023 — Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35593
https://notcve.org/view.php?id=CVE-2020-35593
05 Sep 2023 — BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host. • http://web.archive.org/web/20210106175128/https://community.bmc.com/s/article/SECURITY-Patrol-Agent-Local-Privilege-Escalation-in-BMC-PATROL-Agent-CVE-2020-35593 • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: 0%CPEs: 22EXPL: 0CVE-2023-32811
https://notcve.org/view.php?id=CVE-2023-32811
04 Sep 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 34EXPL: 0CVE-2023-32806
https://notcve.org/view.php?id=CVE-2023-32806
04 Sep 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-32805
https://notcve.org/view.php?id=CVE-2023-32805
04 Sep 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-20851
https://notcve.org/view.php?id=CVE-2023-20851
04 Sep 2023 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •