CVE-2022-36927 – Local Privilege Escalation in Zoom Rooms for macOS Clients
https://notcve.org/view.php?id=CVE-2022-36927
Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2022-22736
https://notcve.org/view.php?id=CVE-2022-22736
If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. • https://bugzilla.mozilla.org/show_bug.cgi?id=1742692 https://www.mozilla.org/security/advisories/mfsa2022-01 • CWE-427: Uncontrolled Search Path Element •
CVE-2022-46334 – Proofpoint Enterprise Protection Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-46334
Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below. Proofpoint Enterprise Protection (PPS/PoD) contiene una vulnerabilidad que permite al usuario de pps escalar a privilegios de root debido a permisos innecesarios. Esto afecta a todas las versiones 8.19.0 y anteriores. • https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0004 • CWE-269: Improper Privilege Management •
CVE-2022-42046
https://notcve.org/view.php?id=CVE-2022-42046
wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalation wfshbr64.sys y wfshbr32.sys IOCTL especialmente manipulado permiten a cualquier usuario realizar una escalada de privilegios local • https://github.com/kkent030315/CVE-2022-42046 https://www.wfs.games/news/20221220_01.html • CWE-269: Improper Privilege Management •
CVE-2022-20572 – kernel: missing DM_TARGET_IMMUTABLE feature flag in verity_target in drivers/md/dm-verity-target.c
https://notcve.org/view.php?id=CVE-2022-20572
This flaw can lead to local privilege escalation. • https://source.android.com/security/bulletin/pixel/2022-12-01 https://access.redhat.com/security/cve/CVE-2022-20572 https://bugzilla.redhat.com/show_bug.cgi?id=2186545 • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •