CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31005 – IBM Security Access Manager Container privilege escalation
https://notcve.org/view.php?id=CVE-2023-31005
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a local user to escalate their privileges due to an improper security configuration. ... IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 a 10.0.6.1 e IBM Security Verify Access Docker 10.0.0.0 a 10.0.6.1) podría permitir a un usuario local escalar sus privilegios debido a una configuración de seguridad incorrecta. ... IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254767 https://www.ibm.com/support/pages/node/7106586 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-51939
https://notcve.org/view.php?id=CVE-2023-51939
An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function. • https://gist.github.com/liang-junkai/1b59487c0f7002fa5da98035b53e409f https://github.com/liang-junkai/Relic-bbs-fault-injection https://github.com/relic-toolkit/relic/issues/284 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0833 – Privilege Elevation via Telerik Test Studio
https://notcve.org/view.php?id=CVE-2024-0833
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/teststudio/knowledge-base/product-notices-kb/legacy-installer-vulnerability https://www.telerik.com/teststudio • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0832 – Privilege Elevation via Telerik Reporting Installer
https://notcve.org/view.php?id=CVE-2024-0832
In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/reporting/knowledge-base/legacy-installer-vulnerability https://www.telerik.com/products/reporting.aspx • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0219 – Privilege Elevation via Telerik JustDecompile Installer
https://notcve.org/view.php?id=CVE-2024-0219
In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/devtools/justdecompile/knowledge-base/legacy-installer-vulnerability https://www.telerik.com/products/decompiler.aspx • CWE-269: Improper Privilege Management •