CVSS: 7.5EPSS: 0%CPEs: 103EXPL: 0CVE-2023-1995 – Insufficient Logging Vulnerability in HiRDB
https://notcve.org/view.php?id=CVE-2023-1995
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 09-66-17, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W , before 09-66-/Q ; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02. Vulnerabilidad de registro insuficiente en Hitachi HiRDB Server, HiRDB Server con función adicional, HiRDB Structured Data Access Facility. Este problema afecta al servidor HiRDB: antes del 09-60-39, antes del 09-65-23, antes del 09-66-17, antes del 10- 01-10, antes del 10-03-12, antes del 10-04-06, antes del 10-05-06, antes del 10-06-02; Servidor HiRDB con función adicional: antes de 09-60-2M, antes de 09-65-/W, antes de 09-66-/Q; Instalación de acceso a datos estructurados de HiRDB: antes del 60-09-39, antes del 03-10-12, antes del 04-10-06, antes del 06-10-02. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-133/index.html • CWE-778: Insufficient Logging •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38402 – Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client
https://notcve.org/view.php?id=CVE-2023-38402
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38401 – Local Privilege Escalation in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client
https://notcve.org/view.php?id=CVE-2023-38401
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-36858 – BIG-IP Edge Client for Windows and macOS vulnerability
https://notcve.org/view.php?id=CVE-2023-36858
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an attacker to modify its configured server list. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Existe una vulnerabilidad de verificación insuficiente de datos en BIG-IP Edge Client para Windows y macOS que puede permitir a un atacante modificar su lista de servidores configurados. Nota: No se evalúan las versiones de software que han alcanzado el fin del soporte técnico (EoTS). • https://my.f5.com/manage/s/article/K000132563 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-24491
https://notcve.org/view.php?id=CVE-2023-24491
A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM. • https://support.citrix.com/article/CTX561480/citrix-secure-access-client-for-windows-security-bulletin-for-cve202324491 • CWE-269: Improper Privilege Management •