CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-51939
https://notcve.org/view.php?id=CVE-2023-51939
An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function. • https://gist.github.com/liang-junkai/1b59487c0f7002fa5da98035b53e409f https://github.com/liang-junkai/Relic-bbs-fault-injection https://github.com/relic-toolkit/relic/issues/284 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0833 – Privilege Elevation via Telerik Test Studio
https://notcve.org/view.php?id=CVE-2024-0833
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/teststudio/knowledge-base/product-notices-kb/legacy-installer-vulnerability https://www.telerik.com/teststudio • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0832 – Privilege Elevation via Telerik Reporting Installer
https://notcve.org/view.php?id=CVE-2024-0832
In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/reporting/knowledge-base/legacy-installer-vulnerability https://www.telerik.com/products/reporting.aspx • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0219 – Privilege Elevation via Telerik JustDecompile Installer
https://notcve.org/view.php?id=CVE-2024-0219
In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/devtools/justdecompile/knowledge-base/legacy-installer-vulnerability https://www.telerik.com/products/decompiler.aspx • CWE-269: Improper Privilege Management •
CVSS: 8.4EPSS: 1%CPEs: 3EXPL: 7CVE-2023-6246 – Glibc: heap-based buffer overflow in __vsyslog_internal()
https://notcve.org/view.php?id=CVE-2023-6246
This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. • https://github.com/elpe-pinillo/CVE-2023-6246 http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html http://seclists.org/fulldisclosure/2024/Feb/3 http://seclists.org/fulldisclosure/2024/Feb/5 https://access.redhat.com/security/cve/CVE-2023-6246 https://bugzilla.redhat.com/show_bug.cgi?id=2249053 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •