CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38443
https://notcve.org/view.php?id=CVE-2023-38443
04 Sep 2023 — In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges En vowifiservice, es posible que falte una comprobación de permisos, lo que podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36326
https://notcve.org/view.php?id=CVE-2023-36326
01 Sep 2023 — Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bn_grow function. • https://github.com/relic-toolkit/relic/commit/34580d840469361ba9b5f001361cad659687b9ab • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24674
https://notcve.org/view.php?id=CVE-2023-24674
01 Sep 2023 — Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter. • https://cupc4k3.medium.com/cve-2023-24674-uncovering-a-privilege-escalation-vulnerability-in-bludit-cms-dcf86c41107 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36100
https://notcve.org/view.php?id=CVE-2023-36100
01 Sep 2023 — An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameter in api/User/ChangeUser. • https://github.com/Thecosy/IceCMS/issues/15 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46869
https://notcve.org/view.php?id=CVE-2022-46869
31 Aug 2023 — Local privilege escalation during installation due to improper soft link handling. • https://security-advisory.acronis.com/advisories/SEC-3835 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-269: Improper Privilege Management CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-41744
https://notcve.org/view.php?id=CVE-2023-41744
31 Aug 2023 — Local privilege escalation due to unrestricted loading of unsigned libraries. • https://security-advisory.acronis.com/advisories/SEC-4728 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2023-41743
https://notcve.org/view.php?id=CVE-2023-41743
31 Aug 2023 — Local privilege escalation due to insecure driver communication port permissions. • https://security-advisory.acronis.com/SEC-4858 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46868
https://notcve.org/view.php?id=CVE-2022-46868
31 Aug 2023 — Local privilege escalation during recovery due to improper soft link handling. • https://security-advisory.acronis.com/advisories/SEC-2499 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2022-45451
https://notcve.org/view.php?id=CVE-2022-45451
31 Aug 2023 — Local privilege escalation due to insecure driver communication port permissions. • https://github.com/alfarom256/CVE-2022-45451 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-3777 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-3777
30 Aug 2023 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. ... Una vulnerabilidad de Use-After-Free en el componente netfilter: nf_tables del kernel de Linux puede explotarse para lograr una escalada de privilegios local. ... A use-after-free flaw was found in the Linux kernel's netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. ... A