CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-36804 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36804
Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36804 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38161 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38161
Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38161 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38144 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38144
An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38144 • CWE-126: Buffer Over-read •
CVSS: 8.1EPSS: 1%CPEs: 5EXPL: 0CVE-2023-38155 – Azure DevOps Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-38155
Azure DevOps Server Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código del Servidor Azure DevOps This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Azure DevOps Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38155 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2020-24088
https://notcve.org/view.php?id=CVE-2020-24088
An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges. • p=1630 http://dronesec.pw/blog/2018/05/17/dell-supportassist-local-privilege-escalation •