CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-29378
https://notcve.org/view.php?id=CVE-2021-29378
SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php. • https://gitee.com/pear-admin/Pear-Admin-Think/issues/I3DIEC • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-23595
https://notcve.org/view.php?id=CVE-2020-23595
Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information sitemodel/add.html endpoint. • https://github.com/yzmcms/yzmcms/issues/47 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.4EPSS: 0%CPEs: 66EXPL: 0CVE-2023-30691
https://notcve.org/view.php?id=CVE-2023-30691
Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation. Desajuste en AuthenticationConfig anterior a SMR Aug-2023 Release 1 permite a un atacante local la escalada de privilegios. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 • CWE-266: Incorrect Privilege Assignment •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 1CVE-2023-36900 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36900
Windows Common Log File System Driver Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. • https://github.com/RomanRybachek/CVE-2023-36900 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36900 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-35359 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35359
Windows Kernel Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of a high-privileged service account. ... This can be abused to trick privilege processes to load configuration files and other resources from untrusted locations leading to elevation of privilege. • http://packetstormsecurity.com/files/174528/Microsoft-Windows-Privilege-Escalation.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359 • CWE-23: Relative Path Traversal •