CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0030
https://notcve.org/view.php?id=CVE-2023-0030
This flaw allows a local user to crash or potentially escalate their privileges on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=2157270 https://github.com/torvalds/linux/commit/729eba3355674f2d9524629b73683ba1d1cd3f10 https://security.netapp.com/advisory/ntap-20230413-0010 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-25355 – CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissions
https://notcve.org/view.php?id=CVE-2023-25355
A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`. • https://seclists.org/fulldisclosure/2023/Mar/5 • CWE-276: Incorrect Default Permissions •
CVSS: 8.2EPSS: 0%CPEs: 10EXPL: 0CVE-2022-42476
https://notcve.org/view.php?id=CVE-2022-42476
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests. • https://fortiguard.com/psirt/FG-IR-22-401 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27322 – Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-27322
Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. ... This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://kb.parallels.com/125013 https://www.zerodayinitiative.com/advisories/ZDI-23-216 • CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27323 – Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-27323
Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. ... Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. • https://kb.parallels.com/125013 https://www.zerodayinitiative.com/advisories/ZDI-23-217 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •