CVE-2022-41604
https://notcve.org/view.php?id=CVE-2022-41604
Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. • https://github.com/Wh04m1001/ZoneAlarmEoP https://www.infigo.hr/en/insights/39/elevation-of-privilege-in-zonealarm-extreme-security https://www.zonealarm.com/software/extreme-security/release-history • CWE-269: Improper Privilege Management •
CVE-2022-41141 – Windscribe Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-41141
This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://windscribe.com/changelog/windows https://www.zerodayinitiative.com/advisories/ZDI-22-1300 • CWE-427: Uncontrolled Search Path Element •
CVE-2022-3263 – Measuresoft ScadaPro Server Improper Access Control
https://notcve.org/view.php?id=CVE-2022-3263
This vulnerability allows local attackers to escalate privileges on affected installations of Measuresoft ScadaPro Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-265-01 • CWE-276: Incorrect Default Permissions CWE-284: Improper Access Control •
CVE-2022-35257
https://notcve.org/view.php?id=CVE-2022-35257
A local privilege escalation vulnerability in UI Desktop for Windows (Version 0.55.1.2 and earlier) allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM. • https://community.ui.com/releases/Security-Advisory-Bulletin-025-025/7fc92851-054d-46d3-bdb0-fbb8f7023fed •
CVE-2022-40709 – Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-40709
An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000291590 https://www.zerodayinitiative.com/advisories/ZDI-22-1299 • CWE-125: Out-of-bounds Read •