Page 162 of 3512 results (0.064 seconds)

CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-20193

https://notcve.org/view.php?id=CVE-2023-20193

A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. ... A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-4623 – Use-after-free in Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component

https://notcve.org/view.php?id=CVE-2023-4623

A use-after-free flaw was found in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component that can be exploited to achieve local privilege escalation. • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f https://kernel.dance/b3d26c5702c7d6c45456326e56d2ccf3f103e60f https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://access.redhat.com/security/cve/CVE-2023-4623 https://bugzilla.redhat.com/show_bug.cgi?id=2237757 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2023-4622 – Use-after-free in Linux kernel's af_unix component

https://notcve.org/view.php?id=CVE-2023-4622

A use-after-free flaw was found in the Linux kernel's af_unix component that allows local privilege escalation. • https://github.com/0range1337/CVE-CVE-2023-4622 http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y&id=790c2f9d15b594350ae9bca7b236f2b1859de02c https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://www.debian.org/security/2023 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-4208 – Use-after-free in Linux kernel's net/sched: cls_u32 component

https://notcve.org/view.php?id=CVE-2023-4208

A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system. Similar CVE-2023-4128 was rejected as a duplicate. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81 https://kernel.dance/3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://www.debian.org/security/2023/dsa-5492 https://access.redhat.com/security/cve/CVE-2023-4208 https://bugzilla.redhat.com/show_bug.cgi?id=2225511 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-4207 – Use-after-free in Linux kernel's net/sched: cls_fw component

https://notcve.org/view.php?id=CVE-2023-4207

A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system. Similar CVE-2023-4128 was rejected as a duplicate. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec https://kernel.dance/76e42ae831991c828cffa8c37736ebfb831ad5ec https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://www.debian.org/security/2023/dsa-5492 https://access.redhat.com/security/cve/CVE-2023-4207 https://bugzilla.redhat.com/show_bug.cgi?id=2225511 • CWE-416: Use After Free •