CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-32178 – VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32178
VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. ... VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. ... This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. • https://success.vipre.com/en_US/antivirus-plus-release-notes/home-plus-release-notes-20230530 https://www.zerodayinitiative.com/advisories/ZDI-23-758 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32175 – VIPRE Antivirus Plus Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32175
VIPRE Antivirus Plus Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.vipre.com/en_US/antivirus-plus-release-notes/home-plus-release-notes-20230530 https://www.zerodayinitiative.com/advisories/ZDI-23-755 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-2939
https://notcve.org/view.php?id=CVE-2023-2939
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html https://crbug.com/1427431 https://security.gentoo.org/glsa/202311-11 https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5418 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28080
https://notcve.org/view.php?id=CVE-2023-28080
A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. • https://www.dell.com/support/kbdoc/en-us/000214248/dsa-2023-154-powerpath-windows-security-update-for-security-update-for-multiple-vulnerabilities • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28079
https://notcve.org/view.php?id=CVE-2023-28079
A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. • https://www.dell.com/support/kbdoc/en-us/000214248/dsa-2023-154-powerpath-windows-security-update-for-security-update-for-multiple-vulnerabilities • CWE-276: Incorrect Default Permissions •