CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20938 – Ubuntu Security Notice USN-5939-1
https://notcve.org/view.php?id=CVE-2023-20938
28 Feb 2023 — This could lead to local escalation of privilege with no additional execution privileges needed. ... A local attacker could possibly use this to gain elevated privileges. ... A local attacker could possibly use this to expose sensitive information. • https://source.android.com/security/bulletin/2023-02-01 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2023-20944
https://notcve.org/view.php?id=CVE-2023-20944
28 Feb 2023 — In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. • https://github.com/Trinadh465/frameworks_base_CVE-2023-20944 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25148 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-25148
24 Feb 2023 — A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to exploit the vulnerability by changing a specific file into a pseudo-symlink, allowing privilege escalation on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and<... • https://success.trendmicro.com/solution/000292209 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25144 – Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-25144
24 Feb 2023 — An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000292209 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25145 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-25145
24 Feb 2023 — A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000292209 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25146 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-25146
24 Feb 2023 — A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to quarantine a file, delete the original folder and replace with a junction to an arbitrary location, ultimately leading to an arbitrary file dropped to an arbitrary location. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to es... • https://success.trendmicro.com/solution/000292209 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2023-0461 – Use-after-free vulnerability in the Linux Kernel
https://notcve.org/view.php?id=CVE-2023-0461
23 Feb 2023 — There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. ... This flaw allows a local user to crash or potentially escalate their privileges on the system. • https://github.com/hshivhare67/kernel_v4.19.72_CVE-2023-0461 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24575
https://notcve.org/view.php?id=CVE-2023-24575
21 Feb 2023 — Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system • https://www.dell.com/support/kbdoc/en-us/000208396/dsa-2023-043 • CWE-428: Unquoted Search Path or Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32142 – LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp
https://notcve.org/view.php?id=CVE-2021-32142
17 Feb 2023 — Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp. • https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32163
https://notcve.org/view.php?id=CVE-2021-32163
17 Feb 2023 — Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization. • https://github.com/mosn/mosn/issues/1633 • CWE-863: Incorrect Authorization •