CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21129
https://notcve.org/view.php?id=CVE-2023-21129
15 Jun 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/2023-06-01 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21122
https://notcve.org/view.php?id=CVE-2023-21122
15 Jun 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/2023-06-01 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0701
https://notcve.org/view.php?id=CVE-2021-0701
15 Jun 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/2023-06-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21131
https://notcve.org/view.php?id=CVE-2023-21131
15 Jun 2023 — This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution privileges needed. • https://source.android.com/security/bulletin/2023-06-01 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21135
https://notcve.org/view.php?id=CVE-2023-21135
15 Jun 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/2023-06-01 • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21126
https://notcve.org/view.php?id=CVE-2023-21126
15 Jun 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/2023-06-01 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0009 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2023-0009
14 Jun 2023 — A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2023-0009 • CWE-807: Reliance on Untrusted Inputs in a Security Decision •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3001 – Schneider Electric IGSS UpdateService Exposed Dangerous Method Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-3001
14 Jun 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric IGSS. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-02.pdf • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34298 – Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-34298
14 Jun 2023 — Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Pulse Secure Client. This vulnerability allows local attackers to escalate privileges on affected installations of Pulse Secure Client. ... An attacker can leverage this vulnerability to escalate privileges and execute... • https://www.zerodayinitiative.com/advisories/ZDI-23-858 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-29361 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-29361
13 Jun 2023 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29361 • CWE-416: Use After Free •