CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27411
https://notcve.org/view.php?id=CVE-2023-27411
This could allow an authenticated remote attackers to execute arbitrary SQL queries on the server database and escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-472630.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39520 – Cryptomator vulnerable to Local Elevation of Privileges
https://notcve.org/view.php?id=CVE-2023-39520
The MSI installer provided on the homepage for Cryptomator version 1.9.2 allows local privilege escalation for low privileged users, via the `repair` function. • https://github.com/cryptomator/cryptomator/commit/727c32ad50c3901a6144a11cf984a3b7ebcf8b2b https://github.com/cryptomator/cryptomator/releases/download/1.9.2/Cryptomator-1.9.2-x64.msi https://github.com/cryptomator/cryptomator/releases/tag/1.9.3 https://github.com/cryptomator/cryptomator/security/advisories/GHSA-62gx-54j7-mjh3 • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: 0%CPEs: 26EXPL: 0CVE-2023-20817
https://notcve.org/view.php?id=CVE-2023-20817
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 26EXPL: 0CVE-2023-20816
https://notcve.org/view.php?id=CVE-2023-20816
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 26EXPL: 0CVE-2023-20815
https://notcve.org/view.php?id=CVE-2023-20815
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-787: Out-of-bounds Write •