CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-45174 – IBM AIX privilege escalation
https://notcve.org/view.php?id=CVE-2023-45174
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service. ... IBM AIX 7.2, 7.3 y VIOS 3.1 podrían permitir que un usuario local privilegiado aproveche una vulnerabilidad en el comando qdaemon para escalar privilegios o provocar una denegación de servicio. • https://exchange.xforce.ibmcloud.com/vulnerabilities/267972 https://www.ibm.com/support/pages/node/7095022 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2023-49147 – PDF24 Creator 11.15.1 Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-49147
This allows an unprivileged local attacker to use a chain of actions (e.g., an oplock on faxPrnInst.log) to open a SYSTEM cmd.exe. ... Esto permite a un atacante local sin privilegios utilizar una cadena de acciones (por ejemplo, un bloqueo de operación en faxPrnInst.log) para abrir un cmd.exe de SYSTEM. PDF24 Creator versions 11.15.1 and below suffer from a local privilege escalation vulnerability via the MSI installer. • http://packetstormsecurity.com/files/176206/PDF24-Creator-11.15.1-Local-Privilege-Escalation.html http://seclists.org/fulldisclosure/2023/Dec/18 https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-pdf24-creator-geek-software-gmbh •
CVSS: 7.6EPSS: 0%CPEs: 17EXPL: 0CVE-2023-6478 – Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty
https://notcve.org/view.php?id=CVE-2023-6478
This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of root. • http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/errata/RHSA-2023:7886 https://access.redhat.com/errata/RHSA-2024:0006 https://access.redhat.com/errata/RHSA-2024:0009 https://access.redhat.com/errata/RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0014 https://access.redhat.com/errata/RHSA-2024:0015 https://access.redhat.com/errata/RHSA-2024:0016 https://access.redhat.com/errata/RHSA-2024:0017 https://access.redhat.com& • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 16%CPEs: 17EXPL: 0CVE-2023-6377 – Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions
https://notcve.org/view.php?id=CVE-2023-6377
This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. ... Esto puede permitir una escalada de privilegios local o una posible ejecución remota de código en los casos en que esté involucrado el reenvío X11. This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/errata/RHSA-2023:7886 https://access.redhat.com/errata/RHSA-2024:0006 https://access.redhat.com/errata/RHSA-2024:0009 https://access.redhat.com/errata/RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0014 https://access.redhat.com/errata/RHSA-2024:0015 https://access.redhat.com/errata/RHSA-2024:0016 https://access.redhat.com/errata/RHSA-2024:0017 https://access.redhat.com& • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50197 – Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-50197
Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-23-1773 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •