CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35654
https://notcve.org/view.php?id=CVE-2023-35654
This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con privilegios de ejecución de System necesarios. • https://source.android.com/security/bulletin/pixel/2023-10-01 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43960
https://notcve.org/view.php?id=CVE-2023-43960
An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component. • https://hackmd.io/%40tahaafarooq/dlink-dph-400se-cwe-200 https://www.exploit-db.com/exploits/51709 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-38159 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38159
Windows Graphics Component Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Graphics Component This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38159 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2023-36594 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36594
Windows Graphics Component Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Windows Graphics Component This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36594 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-36731 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36731
Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36731 • CWE-20: Improper Input Validation •