CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46741 – CubeFS leaks magic secret key when starting Blobstore access service
https://notcve.org/view.php?id=CVE-2023-46741
A vulnerability was found in CubeFS prior to version 3.3.1 that could allow users to read sensitive data from the logs which could allow them escalate privileges. CubeFS leaks configuration keys in plaintext format in the logs. • https://github.com/cubefs/cubefs/commit/972f0275ee8d5dbba4b1530da7c145c269b31ef5 https://github.com/cubefs/cubefs/security/advisories/GHSA-8h2x-gr2c-c275 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-41776 – Local Privilege Escalation Vulnerability of ZTE's ZXCLOUD iRAI
https://notcve.org/view.php?id=CVE-2023-41776
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges. Existe una vulnerabilidad de escalada de privilegios local en ZXCLOUD iRAI de ZTE. • https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404 • CWE-269: Improper Privilege Management CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-48418 – User Build misconfiguration resulting in local escalation of privilege
https://notcve.org/view.php?id=CVE-2023-48418
This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de privilegios de ejecución adicionales. • http://packetstormsecurity.com/files/176446/Android-DeviceVersionFragment.java-Privilege-Escalation.html https://source.android.com/docs/security/bulletin/pixel-watch/2023/2023-12-01 • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: 0%CPEs: 48EXPL: 0CVE-2023-32891
https://notcve.org/view.php?id=CVE-2023-32891
This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con privilegios de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 33EXPL: 0CVE-2023-32885
https://notcve.org/view.php?id=CVE-2023-32885
This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •