CVE-2022-34382
https://notcve.org/view.php?id=CVE-2022-34382
Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. • https://www.dell.com/support/kbdoc/000202198 •
CVE-2021-25657 – Avaya IP Office Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-25657
A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. • https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0037/MNDT-2022-0037.md https://support.avaya.com/css/P8/documents/101083319 • CWE-269: Improper Privilege Management •
CVE-2022-37347 – Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-37347
An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://helpcenter.trendmicro.com/en-us/article/tmka-11058 https://www.zerodayinitiative.com/advisories/ZDI-22-1176 • CWE-125: Out-of-bounds Read •
CVE-2022-37348 – Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-37348
An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://helpcenter.trendmicro.com/en-us/article/tmka-11058 https://www.zerodayinitiative.com/advisories/ZDI-22-1177 • CWE-125: Out-of-bounds Read •
CVE-2022-34893 – Trend Micro Maximum Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-34893
Trend Micro Security versión 2022 (consumer), presenta una vulnerabilidad de tipo link following en la que un atacante con bajos privilegios podría manipular un punto de montaje que podría conllevar a una escalada de privilegios en una máquina afectada This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Maximum Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://helpcenter.trendmicro.com/en-us/article/tmka-11053 https://www.zerodayinitiative.com/advisories/ZDI-22-1175 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •