Page 142 of 3512 results (0.011 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-43555 – Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2022-43555

Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability Vulnerabilidad de escalada de privilegios locales sin autenticación de Ivanti Avalanche Printer Device Service This vulnerability allows local attackers to escalate privileges on affected installations of Ivanti Avalanche. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt • CWE-306: Missing Authentication for Critical Function •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-3893 – Kubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation

https://notcve.org/view.php?id=CVE-2023-3893

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. • https://github.com/kubernetes/kubernetes/issues/119594 https://groups.google.com/g/kubernetes-security-announce/c/lWksE2BoCyQ https://security.netapp.com/advisory/ntap-20231221-0004 • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 3

CVE-2023-46980

https://notcve.org/view.php?id=CVE-2023-46980

An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter. • https://github.com/sajaljat/CVE-2023-46980 https://github.com/sajaljat/CVE-2023-46980/tree/main https://youtu.be/3Mz2lSElg7Y • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-31027

https://notcve.org/view.php?id=CVE-2023-31027

NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may lead to escalation of privileges. • https://nvidia.custhelp.com/app/answers/detail/a_id/5491 • CWE-427: Uncontrolled Search Path Element •

CVSS: 9.8EPSS: 3%CPEs: 12EXPL: 1

CVE-2023-5178 – Kernel: use after free in nvmet_tcp_free_crypto in nvme

https://notcve.org/view.php?id=CVE-2023-5178

This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. • https://github.com/rockrid3r/CVE-2023-5178 https://access.redhat.com/errata/RHSA-2023:7370 https://access.redhat.com/errata/RHSA-2023:7379 https://access.redhat.com/errata/RHSA-2023:7418 https://access.redhat.com/errata/RHSA-2023:7548 https://access.redhat.com/errata/RHSA-2023:7549 https://access.redhat.com/errata/RHSA-2023:7551 https://access.redhat.com/errata/RHSA-2023:7554 https://access.redhat.com/errata/RHSA-2023:7557 https://access.redhat.com/errata/RHSA-2023 • CWE-416: Use After Free •