CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27362 – 3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-27362
21 Aug 2023 — 3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can lever... • https://www.3cx.com/blog/releases/v18-u8 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38899
https://notcve.org/view.php?id=CVE-2023-38899
21 Aug 2023 — SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows a local attacker to escalate privileges via the secure_file_priv component. • http://o.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-28715
https://notcve.org/view.php?id=CVE-2020-28715
21 Aug 2023 — An issue was discovered in kdmserver service in LeEco LeTV X43 version V2401RCN02C080080B04121S, allows attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS). • http://leeco.com •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40352 – McAfee Safe Connect VPN Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-40352
21 Aug 2023 — McAfee Safe Connect before 2.16.1.126 may allow an adversary with system privileges to achieve privilege escalation by loading arbitrary DLLs. ... This vulnerability allows local attackers to escalate privileges on affected installations of McAfee Safe Connect VPN. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37250
https://notcve.org/view.php?id=CVE-2023-37250
20 Aug 2023 — Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. • https://github.com/ewilded/CVE-2023-37250-POC • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-2737 – Improper securing of log directory may allow a denial of service
https://notcve.org/view.php?id=CVE-2023-2737
16 Aug 2023 — Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation. Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation. Los permisos de registro inadecuados en SafeNet Authentication Service versión 3.4.0 en Windows permiten que un at... • https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=08f460ba47bba550c0e42e61e36d432f&sysparm_article=KB0027485 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38401 – Local Privilege Escalation in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client
https://notcve.org/view.php?id=CVE-2023-38401
15 Aug 2023 — A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. ... A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21229
https://notcve.org/view.php?id=CVE-2023-21229
14 Aug 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/wear/2023-08-01 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21231
https://notcve.org/view.php?id=CVE-2023-21231
14 Aug 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/wear/2023-08-01 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21234
https://notcve.org/view.php?id=CVE-2023-21234
14 Aug 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/wear/2023-08-01 • CWE-862: Missing Authorization •