CVE-2023-25146 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-25146
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000292209 https://www.zerodayinitiative.com/advisories/ZDI-23-172 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2023-24575
https://notcve.org/view.php?id=CVE-2023-24575
Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system • https://www.dell.com/support/kbdoc/en-us/000208396/dsa-2023-043 • CWE-428: Unquoted Search Path or Element •
CVE-2022-32972
https://notcve.org/view.php?id=CVE-2022-32972
Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation. • https://community.infoblox.com/t5/trending-kb-articles/cve-2022-32972-infoblox-bloxone-endpoint-for-windows-local/ba-p/24912 https://infoblox.com • CWE-427: Uncontrolled Search Path Element •
CVE-2021-32142 – LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp
https://notcve.org/view.php?id=CVE-2021-32142
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp. • https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49 https://github.com/LibRaw/LibRaw/issues/400 https://github.com/gtt1995 https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ICTVDRGBWGIFBTUWJLGX7QM5GWBWUG7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7TEZ7CLRNYYQZJ5NJGZXK6YJU46WH2L https://www.debian.org/security/2023/dsa-5412 https://www • CWE-787: Out-of-bounds Write •
CVE-2021-32163
https://notcve.org/view.php?id=CVE-2021-32163
Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization. • https://github.com/mosn/mosn/issues/1633 https://github.com/mosn/mosn/pull/1637 • CWE-863: Incorrect Authorization •