CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-35355 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35355
12 Sep 2023 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Controlador del Minifiltro de Achivos en la Nube de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35355 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 1CVE-2022-47637
https://notcve.org/view.php?id=CVE-2022-47637
12 Sep 2023 — The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common use cases execute files under C:\xampp with administrative privileges. El instalador en XAMPP hasta 8.1.12 permite a los usuarios locales escribir en el directorio C:\xampp. Los casos de uso comunes ejecutan archivos en C:\xampp con privilegios administrativos. • https://shinnai.altervista.org/exploits/DVRT-2023-0001_CVE-2022-47637.pdf • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38144 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38144
12 Sep 2023 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Controlador del Sistema de Windows Common Log File This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the clfs.sys driver. A crafted BLF file can trigg... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38144 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38143 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38143
12 Sep 2023 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Controlador del Sistema de Windows Common Log File This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CLFS driver. The issue results from the lack ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38143 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0CVE-2019-16471 – Use-After-Free in app.measureDialog - Tianfu Cup
https://notcve.org/view.php?id=CVE-2019-16471
11 Sep 2023 — Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 2019.021.20056 y anteriores de Adobe Acrobat Reader se ven afectadas por una vulnerabilidad Use After Free que podría provocar la ejecución de código arbitrario en el contexto del usuario actual. La explotación de ... • https://helpx.adobe.com/security/products/acrobat/apsb19-55.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 6%CPEs: 10EXPL: 0CVE-2019-16470 – CoolType.dll crash - Tianfu Cup
https://notcve.org/view.php?id=CVE-2019-16470
11 Sep 2023 — Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 2019.021.20056 y anteriores de Adobe Acrobat Reader se ven afectadas por una vulnerabilidad de Desbordamiento de Búfer que podría provocar la ejecución de código arbitrario en el contexto del usuario a... • https://helpx.adobe.com/security/products/acrobat/apsb19-55.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-7819 – Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-7819
11 Sep 2023 — Adobe Acrobat Reader versions 2019.010.20098 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 2019.010.20098 y anteriores de Adobe Acrobat Reader se ven afectadas por una vulnerabilidad de Lectura Fuera de Límites que podría provocar la divulgación de ... • https://helpx.adobe.com/security/products/acrobat/apsb19-17.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-34238 – Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-34238
11 Sep 2023 — Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 20.005.30334 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones de Acrobat Reader 22.001.20142 (y anteriores), 20.005.30334 (y anteriores) y 20.005.30334 (y anteriores) ... • https://helpx.adobe.com/security/products/acrobat/apsb22-32.html • CWE-125: Out-of-bounds Read •
CVSS: 8.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4576 – Gentoo Linux Security Advisory 202402-25
https://notcve.org/view.php?id=CVE-2023-4576
11 Sep 2023 — On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. En Windows, podría ocurrir un desbordamiento de enteros en `RecordedSourceSurfaceCreation`, lo que r... • https://bugzilla.mozilla.org/show_bug.cgi?id=1846694 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2020-24088
https://notcve.org/view.php?id=CVE-2020-24088
11 Sep 2023 — An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges. Se descubrió un problema en la rutina MmMapIoSpace en Foxconn Live Update Utility 2.1.6.26, que permite a atacantes locales escalar privilegios. • https://github.com/rjt-gupta/CVE-2020-24088 •