CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-24051 – MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24051
16 Feb 2022 — This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. ... Era ZDI-CAN-16193 This vulnerability allows local attackers to escalate privileges on affected installation... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24671 – Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24671
16 Feb 2022 — Nota: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. • https://helpcenter.trendmicro.com/en-us/article/TMKA-10937 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-24679 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24679
16 Feb 2022 — A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder in an arbitrary location and escalate privileges affected installations. ... Nota: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para po... • https://success.trendmicro.com/solution/000290464 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-24048 – MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24048
16 Feb 2022 — This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. ... Era ZDI-CAN-16191 This vulnerability allows local attackers to escalate privileges on affected installation... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1043 – Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-1043
16 Feb 2022 — This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges. ... Este fallo permite a un atacante con una cuenta local corromper la memoria del sistema, bloquear el sistema o escalar privilegios This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. • http://packetstormsecurity.com/files/170834/io_uring-Same-Type-Object-Reuse-Privilege-Escalation.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23410
https://notcve.org/view.php?id=CVE-2022-23410
14 Feb 2022 — AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. • https://www.axis.com/files/tech_notes/CVE-2022-23410.pdf • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25150
https://notcve.org/view.php?id=CVE-2022-25150
14 Feb 2022 — In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges. • https://binisoft.org/changelog.txt • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-22854
https://notcve.org/view.php?id=CVE-2022-22854
14 Feb 2022 — page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list. • https://github.com/Dheeraj-Deshmukh/Hospital-s-patient-management-system • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-0483 – Local privilege escalation due to insecure folder permissions
https://notcve.org/view.php?id=CVE-2022-0483
11 Feb 2022 — Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-3354 • CWE-427: Uncontrolled Search Path Element CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-0017 – GlobalProtect App: Improper Link Resolution Vulnerability Leads to Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-0017
10 Feb 2022 — An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Windows. GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.5 on Windows. This issue does not affect GlobalProtect... • https://security.paloaltonetworks.com/CVE-2022-0017 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •