CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-48108
https://notcve.org/view.php?id=CVE-2022-48108
This vulnerability allows attackers to escalate privileges to root via a crafted payload. • https://github.com/migraine-sudo/D_Link_Vuln/tree/main/cmd%20inject%20in%20Netmask https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-45770
https://notcve.org/view.php?id=CVE-2022-45770
Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation. • https://github.com/Marsel-marsel/CVE-2022-45770 https://adguard.com/en/versions/windows/release.html#version-71140780 https://hackmag.com/security/aguard-cve https://xakep.ru/2023/01/27/aguard-cve • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-43997
https://notcve.org/view.php?id=CVE-2022-43997
Incorrect access control in Aternity agent in Riverbed Aternity before 12.1.4.27 allows for local privilege escalation. • https://gist.github.com/jackullrich/21fcfe75aeb5e18c60b80e684b83d741 https://winternl.com/cve-2022-43997 •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 3CVE-2023-0179 – kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan
https://notcve.org/view.php?id=CVE-2023-0179
This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. • https://github.com/TurtleARM/CVE-2023-0179-PoC https://github.com/H4K6/CVE-2023-0179-PoC http://packetstormsecurity.com/files/171601/Kernel-Live-Patch-Security-Notice-LNS-0093-1.html https://bugzilla.redhat.com/show_bug.cgi?id=2161713 https://seclists.org/oss-sec/2023/q1/20 https://security.netapp.com/advisory/ntap-20230511-0003 https://access.redhat.com/security/cve/CVE-2023-0179 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-40037
https://notcve.org/view.php?id=CVE-2022-40037
An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile. • https://github.com/rawchen/blog-ssm/issues/2 • CWE-434: Unrestricted Upload of File with Dangerous Type •