Page 177 of 3514 results (0.040 seconds)

CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-32050 – Windows Installer Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2023-32050

Windows Installer Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32050 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-42082 – Local Privilege Escalation to root in OSNEXUS QuantaStor before 6.0.0.355

https://notcve.org/view.php?id=CVE-2021-42082

Local users are able to execute scripts under root privileges. • https://csirt.divd.nl/CVE-2021-42082 https://www.divd.nl/DIVD-2021-00020 https://www.osnexus.com/products/software-defined-storage https://www.wbsec.nl/osnexus https://csirt.divd.nl/DIVD-2021-00020 • CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-30765 – ​Delta Electronics InfraSuite Device Master Improper Access Control

https://notcve.org/view.php?id=CVE-2023-30765

This vulnerability allows remote attackers to escalate privileges on affected installations of Delta Electronics InfraSuite Device Master. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://github.com/0xfml/CVE-2023-30765 https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01 • CWE-284: Improper Access Control •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-32000

https://notcve.org/view.php?id=CVE-2023-32000

A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page. • https://community.ui.com/releases/Security-Advisory-Bulletin-034-034/53cfcb84-b42b-4f8f-afbf-07c0ca7cabe2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

CVE-2023-3269 – Distros-[dirtyvma] privilege escalation via non-rcu-protected vma traversal

https://notcve.org/view.php?id=CVE-2023-3269

This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges. • http://seclists.org/fulldisclosure/2023/Jul/43 http://www.openwall.com/lists/oss-security/2023/07/28/1 http://www.openwall.com/lists/oss-security/2023/08/25/1 http://www.openwall.com/lists/oss-security/2023/08/25/4 https://access.redhat.com/security/cve/CVE-2023-3269 https://bugzilla.redhat.com/show_bug.cgi?id=2215268 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6AAA64CUPSMBW6XDTXPQJ3KQWYQ4K7L https://security.netapp.com/advisory • CWE-416: Use After Free •