CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2022-45451
https://notcve.org/view.php?id=CVE-2022-45451
31 Aug 2023 — Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984. • https://github.com/alfarom256/CVE-2022-45451 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 6%CPEs: 4EXPL: 2CVE-2023-20562 –
https://notcve.org/view.php?id=CVE-2023-20562
08 Aug 2023 — Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. • https://github.com/zeze-zeze/HITCON-2023-Demo-CVE-2023-20562 •
CVSS: 8.8EPSS: 18%CPEs: 16EXPL: 1CVE-2023-36900 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36900
08 Aug 2023 — Windows Common Log File System Driver Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the clfs.sys driver. • https://github.com/RomanRybachek/CVE-2023-36900 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35863
https://notcve.org/view.php?id=CVE-2023-35863
05 Jul 2023 — In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. • https://ctrl-c.club/~blue/nfsdk.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 16%CPEs: 10EXPL: 2CVE-2023-29360 – Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability
https://notcve.org/view.php?id=CVE-2023-29360
13 Jun 2023 — Microsoft Streaming Service Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the mskssrv driver. • https://github.com/0xDivyanshu-new/CVE-2023-29360 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-32163 – Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32163
26 May 2023 — Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. ... Los controladores Wacom para Windows se vinculan tras una vulnerabilidad de escalada de privilegios locales. Esta vulnerabilidad permite a atacantes locale... • https://github.com/LucaBarile/ZDI-CAN-16857 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-32162 – Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32162
26 May 2023 — Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. ... Controladores Wacom para Windows Asignación de permisos incorrecta Vulnerabilidad de escalada de privilegios locales. Esta vulnerabilidad ... • https://github.com/LucaBarile/ZDI-CAN-16318 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 52%CPEs: 15EXPL: 9CVE-2023-28252 – Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-28252
11 Apr 2023 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows Common Log File System Driver Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. • http://packetstormsecurity.com/files/174668/Windows-Common-Log-File-System-Driver-clfs.sys-Privilege-Escalation.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 24%CPEs: 15EXPL: 1CVE-2023-28218 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-28218
11 Apr 2023 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability • https://github.com/h1bAna/CVE-2023-28218 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.6EPSS: 1%CPEs: 2EXPL: 3CVE-2022-43293
https://notcve.org/view.php?id=CVE-2022-43293
11 Apr 2023 — Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe. • https://cdn.wacom.com/u/productsupport/drivers/win/professional/releasenotes/Windows_6.4.2-1.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •