CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-43766
https://notcve.org/view.php?id=CVE-2023-43766
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. • https://www.withsecure.com/en/support/security-advisories https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn4 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-41992 – Apple Multiple Products Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-41992
A local attacker may be able to elevate their privileges. ... Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation. • https://support.apple.com/en-us/HT213927 https://support.apple.com/en-us/HT213931 https://support.apple.com/en-us/HT213932 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42099 – Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-42099
Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-23-1449 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-37410 – IBM Personal Communications privilege escalation
https://notcve.org/view.php?id=CVE-2023-37410
IBM Personal Communications 14.05, 14.06, and 15.0.0 could allow a local user to escalate their privileges to the SYSTEM user due to overly permissive access controls. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260138 https://www.ibm.com/support/pages/node/7031707 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-41902
https://notcve.org/view.php?id=CVE-2023-41902
An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2.3.8, and 3.x before 3.1.2, allows attackers to escalate privileges by crafting malicious .pkg files. • https://gist.github.com/NSEcho/5d048a0796ceef59d6b1df1659bd1057 https://www.corecode.io/macupdater/history2.html https://www.corecode.io/macupdater/history3.html • CWE-434: Unrestricted Upload of File with Dangerous Type •