CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37849
https://notcve.org/view.php?id=CVE-2023-37849
13 Jul 2023 — A DLL hijacking vulnerability in Panda Security VPN for Windows prior to version v15.14.8 allows attackers to execute arbitrary code via placing a crafted DLL file in the same directory as PANDAVPN.exe. Una vulnerabilidad de secuestro de DLL en Panda Security VPN para Windows anterior a la versión v15.14.8 permite a los atacantes ejecutar código arbitrario mediante la colocación de un archivo DLL manipulado en el mismo directorio que "PANDAVPN.exe". • https://heegong.github.io/posts/Local-privilege-escalation-in-Panda-Dome-VPN-for-Windows-Installer • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35693
https://notcve.org/view.php?id=CVE-2023-35693
12 Jul 2023 — This could lead to local escalation of privilege with System execution privileges needed. • https://android.googlesource.com/kernel/common/+/8ff940b3513cb • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 1CVE-2023-21400 – Debian Security Advisory 5480-1
https://notcve.org/view.php?id=CVE-2023-21400
12 Jul 2023 — This could lead to local escalation of privilege in the kernel with System execution privileges needed. ... A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-667: Improper Locking •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21399
https://notcve.org/view.php?id=CVE-2023-21399
12 Jul 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2023-07-01 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21257
https://notcve.org/view.php?id=CVE-2023-21257
12 Jul 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/1aec7feaf07e6d4568ca75d18158445dbeac10f6 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21256
https://notcve.org/view.php?id=CVE-2023-21256
12 Jul 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/apps/Settings/+/62fc1d269f5e754fc8f00b6167d79c3933b4c1f4 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21255 – Ubuntu Security Notice USN-6339-3
https://notcve.org/view.php?id=CVE-2023-21255
12 Jul 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://android.googlesource.com/kernel/common/+/1ca1130ec62d • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21254
https://notcve.org/view.php?id=CVE-2023-21254
12 Jul 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/fa539c85503dc63bfb53c76b6f12b3549f14a709 • CWE-863: Incorrect Authorization •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 1CVE-2023-21251
https://notcve.org/view.php?id=CVE-2023-21251
12 Jul 2023 — This could lead to local escalation of privilege with User execution privileges needed. • https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21251 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21249
https://notcve.org/view.php?id=CVE-2023-21249
12 Jul 2023 — This could lead to local escalation of privilege with User execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/c00b7e7dbc1fa30339adef693d02a51254755d7f • CWE-281: Improper Preservation of Permissions •