CVE-2022-40773 – ManageEngine ServiceDesk Plus MSP exportMickeyList Improper Input Validation Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-40773
This vulnerability allows remote attackers to escalate privileges on affected installations of ManageEngine ServiceDesk Plus MSP. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://www.manageengine.com/products/service-desk-msp/cve-2022-40773.html https://www.zerodayinitiative.com/advisories/ZDI-22-1490 • CWE-20: Improper Input Validation •
CVE-2022-0031 – Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
https://notcve.org/view.php?id=CVE-2022-0031
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2022-0031 • CWE-345: Insufficient Verification of Data Authenticity •
CVE-2022-41123 – Microsoft Exchange Server Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41123
Microsoft Exchange Server Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Exchange Server This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Exchange. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41123 •
CVE-2022-43310
https://notcve.org/view.php?id=CVE-2022-43310
An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path. • https://github.com/hxxt9049/futing https://www.foxitsoftware.cn/support/security-bulletins.html https://www.foxitsoftware.com/support/security-bulletins.php • CWE-427: Uncontrolled Search Path Element •
CVE-2022-41092 – Windows Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41092
Windows Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Win32k This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41092 •