NotCVE - "Local privilege Escalation"

Page 146 of 5045 results (0.078 seconds)

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2024-0751 – Mozilla: Privilege escalation through devtools

https://notcve.org/view.php?id=CVE-2024-0751

A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. ... The Mozilla Foundation Security Advisory describes this flaw as: A malicious devtools extension could have been used to escalate privileges. • https://bugzilla.mozilla.org/show_bug.cgi?id=1865689 https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html https://www.mozilla.org/security/advisories/mfsa2024-01 https://www.mozilla.org/security/advisories/mfsa2024-02 https://www.mozilla.org/security/advisories/mfsa2024-04 https://access.redhat.com/security/cve/CVE-2024-0751 https://bugzilla.redhat.com/show_bug.cgi?id=2259932 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0

CVE-2023-52338 – Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2023-52338

A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de link following en Trend Micro Deep Security 20.0 y Trend Micro Cloud One - Endpoint and Workload Security Agent podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-24-076 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0

CVE-2023-52337 – Trend Micro Deep Security Improper Access Control Local Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2023-52337

An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de control de acceso inadecuado en Trend Micro Deep Security 20.0 y Trend Micro Cloud One - Endpoint and Workload Security Agent podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-24-075 •

CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2023-6816 – Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer

https://notcve.org/view.php?id=CVE-2023-6816

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • http://www.openwall.com/lists/oss-security/2024/01/18/1 https://access.redhat.com/errata/RHSA-2024:0320 https://access.redhat.com/errata/RHSA-2024:0557 https://access.redhat.com/errata/RHSA-2024:0558 https://access.redhat.com/errata/RHSA-2024:0597 https://access.redhat.com/errata/RHSA-2024:0607 https://access.redhat.com/errata/RHSA-2024:0614 https://access.redhat.com/errata/RHSA-2024:0617 https://access.redhat.com/errata/RHSA-2024:0621 https://access.redhat.com& • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-21885 – Xorg-x11-server: heap buffer overflow in xisenddevicehierarchyevent

https://notcve.org/view.php?id=CVE-2024-21885

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/errata/RHSA-2024:0320 https://access.redhat.com/errata/RHSA-2024:0557 https://access.redhat.com/errata/RHSA-2024:0558 https://access.redhat.com/errata/RHSA-2024:0597 https://access.redhat.com/errata/RHSA-2024:0607 https://access.redhat.com/errata/RHSA-2024:0614 https://access.redhat.com/errata/RHSA-2024:0617 https://access.redhat.com/errata/RHSA-2024:0621 https://access.redhat.com/errata/RHSA-2024:0626 https://access.redhat.com/errata/RHSA • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •

1...144 145 146 147 148