CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31572
https://notcve.org/view.php?id=CVE-2023-31572
An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request. • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/bludit/2023/Bludit-v4.0.0-Release-candidate-2 •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-25394 – VideoStream Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-25394
Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script attempts to update Videostream every 5 hours. • https://danrevah.github.io/2023/05/03/CVE-2023-25394-VideoStream-LPE https://getvideostream.com https://www.kb.cert.org/vuls/id/757109 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.7EPSS: 0%CPEs: 29EXPL: 0CVE-2023-20700
https://notcve.org/view.php?id=CVE-2023-20700
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 45EXPL: 0CVE-2023-20673
https://notcve.org/view.php?id=CVE-2023-20673
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 44EXPL: 0CVE-2023-20707
https://notcve.org/view.php?id=CVE-2023-20707
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-20: Improper Input Validation •