CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 1CVE-2020-14342 – Ubuntu Security Notice USN-5459-1
https://notcve.org/view.php?id=CVE-2020-14342
09 Sep 2020 — In certain environments, a local attacker could possibly use this issue to escalate privileges. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00109.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14345 – X.Org Server XkbSetNames Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14345
08 Sep 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. ... A local attacker could possibly use this issue to escalate privileges. ... A local attacker could possibly use this issue to escalate privileges. ... A local attacker could possibly use this issue to escalate privileges. • http://www.openwall.com/lists/oss-security/2021/01/15/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-23834
https://notcve.org/view.php?id=CVE-2020-23834
04 Sep 2020 — Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. • https://github.com/boku7/BarracudaDrivev6.5-LocalPrivEsc • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4638
https://notcve.org/view.php?id=CVE-2020-4638
03 Sep 2020 — An invitee to an API Provider organization can escalate privileges by manipulating the invitation link. • https://exchange.xforce.ibmcloud.com/vulnerabilities/185508 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14362 – X.Org Server XRecordRegisterClients Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14362
02 Sep 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. ... A local attacker could possibly use this issue to escalate privileges. ... A local attacker could possibly use this issue to escalate privileges. ... A local attacker could possibly use this issue to escalate privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=1869144 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14361 – X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14361
02 Sep 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. ... A local attacker could possibly use this issue to escalate privileges. ... A local attacker could possibly use this issue to escalate privileges. ... A local attacker could possibly use this issue to escalate privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=1869142 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14346 – X.Org Server XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14346
02 Sep 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. ... A local attacker could possibly use this issue to escalate privileges. ... A local attacker could possibly use this issue to escalate privileges. ... A local attacker could possibly use this issue to escalate privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=1862246 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2020-24955
https://notcve.org/view.php?id=CVE-2020-24955
01 Sep 2020 — SUPERAntiSyware Professional X Trial 10.0.1206 is vulnerable to local privilege escalation because it allows unprivileged users to restore a malicious DLL from quarantine into the system32 folder via an NTFS directory junction, as demonstrated by a crafted ualapi.dll file that is detected as malware. • https://github.com/b1nary0x1/CVE-2020-24955 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 1CVE-2020-8023 – Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2
https://notcve.org/view.php?id=CVE-2020-8023
01 Sep 2020 — A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, S... • https://bugzilla.suse.com/show_bug.cgi?id=1172698 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-7523
https://notcve.org/view.php?id=CVE-2020-7523
31 Aug 2020 — Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked. • https://www.se.com/ww/en/download/document/SEVD-2020-224-01 • CWE-269: Improper Privilege Management •