CVSS: 8.8EPSS: 2%CPEs: 10EXPL: 2CVE-2023-29360 – Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability
https://notcve.org/view.php?id=CVE-2023-29360
13 Jun 2023 — Microsoft Streaming Service Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a loca... • https://github.com/0xDivyanshu-new/CVE-2023-29360 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30897
https://notcve.org/view.php?id=CVE-2023-30897
13 Jun 2023 — This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-914026.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32221 – EaseUS Todo Backup may allow local privilege escalation
https://notcve.org/view.php?id=CVE-2023-32221
12 Jun 2023 — EaseUS Todo Backup version 20220111.390 - An omission during installation may allow a local attacker to perform privilege escalation. • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34146 – Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-34146
08 Jun 2023 — An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate... • https://success.trendmicro.com/dcx/s/solution/000293322?language=en_US • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34144 – Trend Micro Apex One Security Agent Untrusted Search Path Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-34144
08 Jun 2023 — An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000293322?language=en_US • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34148 – Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-34148
08 Jun 2023 — An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate... • https://success.trendmicro.com/dcx/s/solution/000293322?language=en_US • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34147 – Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-34147
08 Jun 2023 — An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate... • https://success.trendmicro.com/dcx/s/solution/000293322?language=en_US • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34145 – Trend Micro Apex One Security Agent Untrusted Search Path Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-34145
08 Jun 2023 — An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000293322?language=en_US • CWE-426: Untrusted Search Path •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-33553
https://notcve.org/view.php?id=CVE-2023-33553
07 Jun 2023 — An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation of the LoginStatus cookie. • https://github.com/0xfml/poc/blob/main/PLANET/WDRT-1800AX.md • CWE-287: Improper Authentication CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 4CVE-2023-33865 – Gentoo Linux Security Advisory 202311-10
https://notcve.org/view.php?id=CVE-2023-33865
07 Jun 2023 — RenderDoc before 1.27 allows local privilege escalation via a symlink attack. • http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •