CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-33480
https://notcve.org/view.php?id=CVE-2023-33480
RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. ... By sending a series of specially crafted requests to the RemoteClinic application, an attacker can create admin users with more privileges than their own, upload a PHP file containing arbitrary code, and execute arbitrary commands via the PHP shell. • https://github.com/remoteclinic/RemoteClinic/issues/24 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4996 – Local privilege escalation
https://notcve.org/view.php?id=CVE-2023-4996
Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted package. The root cause of the problem was a user control code when called by a Windows ServiceController did not validate the permissions associated with the user before executing the user control code. This user control code had permissions to terminate the NSClient service. Netskope fue informado de una vulnerabilidad de seguridad en su producto NSClient para la versión 100 y anteriores donde un usuario malintencionado que no sea administrador puede desactivar el cliente Netskope mediante el uso de un paquete especialmente manipulado. La causa principal del problema fue que un código de control de usuario cuando lo llamaba un ServiceController de Windows no validaba los permisos asociados con el usuario antes de ejecutar el código de control de usuario. • https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2023-003 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.0EPSS: 0%CPEs: 11EXPL: 0CVE-2023-32832 – Android mtk_jpeg Driver Race Condition / Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-32832
This could lead to local escalation of privilege with no additional execution privileges needed. ... A race condition in the Android mtk_jpeg driver can lead to memory corruption and potential local privilege escalation. • http://packetstormsecurity.com/files/175662/Android-mtk_jpeg-Driver-Race-Condition-Privilege-Escalation.html https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41726 – Ivanti Avalanche Incorrect Default Permissions Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-41726
Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability Los permisos predeterminados incorrectos de Ivanti Avalanche permiten una vulnerabilidad de escalada de privilegios locales This vulnerability allows local attackers to escalate privileges on affected installations of Ivanti Avalanche. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41725 – Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-41725
Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability Vulnerabilidad de escalada de privilegios locales de carga de archivos sin restricciones de Ivanti Avalanche EnterpriseServer Service This vulnerability allows local attackers to escalate privileges on affected installations of Ivanti Avalanche. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt • CWE-434: Unrestricted Upload of File with Dangerous Type •