CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38280 – IBM Power HMC privilege escalation
https://notcve.org/view.php?id=CVE-2023-38280
IBM HMC (Hardware Management Console) 10.1.1010.0 and 10.2.1030.0 could allow a local user to escalate their privileges to root access on a restricted shell. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260740 https://www.ibm.com/support/pages/node/7047713 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40377 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-40377
Backup, Recovery, and Media Services (BRMS) for IBM i 7.2, 7.3, and 7.4 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/263583 https://www.ibm.com/support/pages/node/7048121 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40378 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-40378
IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/263584 https://www.ibm.com/support/pages/node/7047240 • CWE-269: Improper Privilege Management •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45863 – kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write
https://notcve.org/view.php?id=CVE-2023-45863
This issue may allow a local user to crash the system or potentially escalate their privileges on the system. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3bb2a01caa813d3a1845d378bbe4169ef280d394 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://access.redhat.com/security/cve/CVE-2023-45863 https://bugzilla.redhat.com/show_bug.cgi?id=2244720 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43960
https://notcve.org/view.php?id=CVE-2023-43960
An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component. • https://hackmd.io/%40tahaafarooq/dlink-dph-400se-cwe-200 https://www.exploit-db.com/exploits/51709 • CWE-269: Improper Privilege Management •