CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32713 – Local Privilege Escalation via the ‘streamfwd’ program in Splunk App for Stream
https://notcve.org/view.php?id=CVE-2023-32713
In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user. • https://advisory.splunk.com/advisories/SVD-2023-0607 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2CVE-2023-2598
https://notcve.org/view.php?id=CVE-2023-2598
This flaw enables full local privilege escalation. • https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598 https://github.com/cainiao159357/CVE-2023-2598 http://www.openwall.com/lists/oss-security/2024/04/24/3 https://security.netapp.com/advisory/ntap-20230703-0006 https://www.openwall.com/lists/oss-security/2023/05/08/3 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-32176 – VIPRE Antivirus Plus SetPrivateConfig Directory Traversal Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32176
VIPRE Antivirus Plus SetPrivateConfig Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... VIPRE Antivirus Plus SetPrivateConfig Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. • https://success.vipre.com/en_US/antivirus-plus-release-notes/home-plus-release-notes-20230530 https://www.zerodayinitiative.com/advisories/ZDI-23-756 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-32179 – VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32179
VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. • https://success.vipre.com/en_US/antivirus-plus-release-notes/home-plus-release-notes-20230530 https://www.zerodayinitiative.com/advisories/ZDI-23-759 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-32177 – VIPRE Antivirus Plus DeleteHistoryFile Directory Traversal Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32177
VIPRE Antivirus Plus DeleteHistoryFile Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... VIPRE Antivirus Plus DeleteHistoryFile Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. • https://success.vipre.com/en_US/antivirus-plus-release-notes/home-plus-release-notes-20230530 https://www.zerodayinitiative.com/advisories/ZDI-23-757 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •