CVSS: 7.8EPSS: 16%CPEs: 17EXPL: 0CVE-2023-6377 – Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions
https://notcve.org/view.php?id=CVE-2023-6377
This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. ... Esto puede permitir una escalada de privilegios local o una posible ejecución remota de código en los casos en que esté involucrado el reenvío X11. This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/errata/RHSA-2023:7886 https://access.redhat.com/errata/RHSA-2024:0006 https://access.redhat.com/errata/RHSA-2024:0009 https://access.redhat.com/errata/RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0014 https://access.redhat.com/errata/RHSA-2024:0015 https://access.redhat.com/errata/RHSA-2024:0016 https://access.redhat.com/errata/RHSA-2024:0017 https://access.redhat.com& • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50197 – Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-50197
Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-23-1773 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-35633 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35633
Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows Predefined keys in the Microsoft Windows Registry may lead to confused deputy problems and local privilege escalation. • http://packetstormsecurity.com/files/176451/Microsoft-Windows-Registry-Predefined-Keys-Privilege-Escalation.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35633 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-48427
https://notcve.org/view.php?id=CVE-2023-48427
This could allow an attacker to intercept credentials that are sent to the UMC server as well as to manipulate responses, potentially allowing an attacker to escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-48677
https://notcve.org/view.php?id=CVE-2023-48677
Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-5620 • CWE-427: Uncontrolled Search Path Element •