CVE-2023-27411
https://notcve.org/view.php?id=CVE-2023-27411
This could allow an authenticated remote attacker to execute arbitrary SQL queries on the server database and escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-472630.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-39520 – Cryptomator vulnerable to Local Elevation of Privileges
https://notcve.org/view.php?id=CVE-2023-39520
The MSI installer provided on the homepage for Cryptomator version 1.9.2 allows local privilege escalation for low-privileged users via the `repair` function. • https://github.com/cryptomator/cryptomator/commit/727c32ad50c3901a6144a11cf984a3b7ebcf8b2b https://github.com/cryptomator/cryptomator/releases/download/1.9.2/Cryptomator-1.9.2-x64.msi https://github.com/cryptomator/cryptomator/releases/tag/1.9.3 https://github.com/cryptomator/cryptomator/security/advisories/GHSA-62gx-54j7-mjh3 • CWE-269: Improper Privilege Management •
CVE-2023-4147 – Kernel: netfilter: nf_tables_newrule when adding a rule with nfta_rule_chain_id leads to use-after-free
https://notcve.org/view.php?id=CVE-2023-4147
This flaw allows a local user to crash or escalate their privileges on the system. • https://access.redhat.com/errata/RHSA-2023:5069 https://access.redhat.com/errata/RHSA-2023:5091 https://access.redhat.com/errata/RHSA-2023:5093 https://access.redhat.com/errata/RHSA-2023:7382 https://access.redhat.com/errata/RHSA-2023:7389 https://access.redhat.com/errata/RHSA-2023:7411 https://access.redhat.com/security/cve/CVE-2023-4147 https://bugzilla.redhat.com/show_bug.cgi?id=2225239 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ • CWE-416: Use After Free •
CVE-2023-37498 – HCL Unica Platform is vulnerable to a privilege escalation by unauthorized group assignation
https://notcve.org/view.php?id=CVE-2023-37498
An attacker could potentially escalate their privileges. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106545 •
CVE-2023-32764
https://notcve.org/view.php?id=CVE-2023-32764
Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator. • https://help.supportservices.fabasoft.com/index.php?topic=doc/Vulnerabilities-Fabasoft-Folio/vulnerabilities-2023.htm#client-autoupdate-harmful-code-installation-vulnerability-pdo06614- https://www.compass-security.com/fileadmin/Research/Advisories/2023_01_CSNC-2023-002_LPE_Cloud_Client.txt •