CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38557
https://notcve.org/view.php?id=CVE-2023-38557
This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-357182.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38891
https://notcve.org/view.php?id=CVE-2023-38891
SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to escalate privileges via the getQueryColumnsList function in ReportRun.php. • https://github.com/jselliott/CVE-2023-38891 https://code.vtiger.com/vtiger/vtigercrm/-/blob/master/modules/Reports/ReportRun.php#L395 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 3CVE-2023-36802 – Microsoft Streaming Service Proxy Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-36802
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Proxy del Servicio de Microsoft Streaming Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/ISH2YU/CVE-2023-36802 https://github.com/x0rb3l/CVE-2023-36802-MSKSSRV-LPE https://github.com/4zur-0312/CVE-2023-36802 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-36804 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36804
Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36804 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38161 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38161
Windows GDI Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38161 • CWE-416: Use After Free •