CVSS: 6.7EPSS: 0%CPEs: 105EXPL: 0CVE-2023-32461
https://notcve.org/view.php?id=CVE-2023-32461
A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges. • https://www.dell.com/support/kbdoc/en-us/000216543/dsa-2023-292-security-update-for-dell-poweredge-server-bios-vulnerability • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38557
https://notcve.org/view.php?id=CVE-2023-38557
This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-357182.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38891
https://notcve.org/view.php?id=CVE-2023-38891
SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to escalate privileges via the getQueryColumnsList function in ReportRun.php. • https://github.com/jselliott/CVE-2023-38891 https://code.vtiger.com/vtiger/vtigercrm/-/blob/master/modules/Reports/ReportRun.php#L395 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2023-4921 – Use-after-free in Linux kernel's net/sched: sch_qfq component
https://notcve.org/view.php?id=CVE-2023-4921
This issue may allow a local user to crash the system or escalate their privileges on the system. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8fc134fee27f2263988ae38920bc03da416b03d8 https://kernel.dance/8fc134fee27f2263988ae38920bc03da416b03d8 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://access.redhat.com/security/cve/CVE-2023-4921 https://bugzilla.redhat.com/show_bug.cgi?id=2245514 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 3CVE-2023-36802 – Microsoft Streaming Service Proxy Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-36802
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Proxy del Servicio de Microsoft Streaming Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/ISH2YU/CVE-2023-36802 https://github.com/x0rb3l/CVE-2023-36802-MSKSSRV-LPE https://github.com/4zur-0312/CVE-2023-36802 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802 • CWE-416: Use After Free •