Page 145 of 3552 results (0.023 seconds)

CVSS: 9.8EPSS: 3%CPEs: 12EXPL: 1

CVE-2023-5178 – Kernel: use after free in nvmet_tcp_free_crypto in nvme

https://notcve.org/view.php?id=CVE-2023-5178

This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. • https://github.com/rockrid3r/CVE-2023-5178 https://access.redhat.com/errata/RHSA-2023:7370 https://access.redhat.com/errata/RHSA-2023:7379 https://access.redhat.com/errata/RHSA-2023:7418 https://access.redhat.com/errata/RHSA-2023:7548 https://access.redhat.com/errata/RHSA-2023:7549 https://access.redhat.com/errata/RHSA-2023:7551 https://access.redhat.com/errata/RHSA-2023:7554 https://access.redhat.com/errata/RHSA-2023:7557 https://access.redhat.com/errata/RHSA-2023 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0

CVE-2023-3972 – Insights-client: unsafe handling of temporary files and directories

https://notcve.org/view.php?id=CVE-2023-3972

This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. • https://access.redhat.com/errata/RHSA-2023:6264 https://access.redhat.com/errata/RHSA-2023:6282 https://access.redhat.com/errata/RHSA-2023:6283 https://access.redhat.com/errata/RHSA-2023:6284 https://access.redhat.com/errata/RHSA-2023:6795 https://access.redhat.com/errata/RHSA-2023:6796 https://access.redhat.com/errata/RHSA-2023:6798 https://access.redhat.com/errata/RHSA-2023:6811 https://access.redhat.com/security/cve/CVE-2023-3972 https://bugzilla.redhat.com/show • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-5847 – Tenable Nessus Link Following Local Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2023-5847

Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts. ... This vulnerability allows local attackers to escalate privileges on affected installations of Tenable Nessus. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.tenable.com/security/tns-2023-37 https://www.tenable.com/security/tns-2023-38 • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-47101

https://notcve.org/view.php?id=CVE-2023-47101

The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair. • https://cyvisory.group/advisory/CYADV-2023-012 https://sourceforge.net/p/securepoint/news/2023/08/2040-is-now-available • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-40685 – IBM i privilege escalation

https://notcve.org/view.php?id=CVE-2023-40685

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/264116 https://www.ibm.com/support/pages/node/7060686 • CWE-269: Improper Privilege Management •