CVE-2023-33240
https://notcve.org/view.php?id=CVE-2023-33240
19 May 2023 — Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allow Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. • https://www.foxit.com/support/security-bulletins.html • CWE-276: Incorrect Default Permissions •
CVE-2023-31748 – MobileTrans 4.0.11 - Weak Service Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-31748
19 May 2023 — Insecure permissions in MobileTrans v4.0.11 allow attackers to escalate privileges to local admin by replacing the executable file. • https://packetstorm.news/files/id/172466 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2022-4418
https://notcve.org/view.php?id=CVE-2022-4418
18 May 2023 — Local privilege escalation due to unrestricted loading of unsigned libraries. • https://security-advisory.acronis.com/advisories/SEC-4729 • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2022-45452
https://notcve.org/view.php?id=CVE-2022-45452
18 May 2023 — Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-3967 • CWE-269: Improper Privilege Management • CWE-276: Incorrect Default Permissions •
CVE-2023-32555 – Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32555
17 May 2023 — A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex O... • https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2023-32246 – Linux Kernel ksmbd RCU Callback Race Condition Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32246
17 May 2023 — This vulnerability allows local attackers to execute arbitrary code on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. •
CVE-2023-33952 – Kernel: vmwgfx: double free within the handling of vmw_buffer_object objects
https://notcve.org/view.php?id=CVE-2023-33952
17 May 2023 — This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute ... • https://access.redhat.com/errata/RHSA-2023:6583 • CWE-415: Double Free •
CVE-2023-2860 – Out-of-bounds read when setting hmac data
https://notcve.org/view.php?id=CVE-2023-2860
17 May 2023 — This flaw allows a privileged local user to disclose sensitive information on affected installations of the Linux kernel. This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. ... A local attacker could possibly use this to cause a denial of serv... • https://access.redhat.com/security/cve/CVE-2023-2860 • CWE-125: Out-of-bounds Read •
CVE-2023-32554 – Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32554
17 May 2023 — A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex O... • https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2023-25394 – VideoStream Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-25394
16 May 2023 — Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script attempts to update Videostream every 5 hours. • https://danrevah.github.io/2023/05/03/CVE-2023-25394-VideoStream-LPE • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •