Page 309 of 5095 results (0.170 seconds)

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1

A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. ... A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28. ... This flaw allows a local attacker to cause a use-after-free problem, leading to privilege escalation. This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. • https://github.com/lanleft/CVE-2023-1829 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c710f75256bb3cf05ac7b1672c82b92c43f3d28 https://kernel.dance/#8c710f75256bb3cf05ac7b1672c82b92c43f3d28 https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://security.netapp.com/advisory/ntap-20230601-0001 https://access.redhat.com/security/cve/CVE-2023-1829 https://bugzilla.redhat.com/show_bug. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb23-24.html • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. • https://medium.com/nestedif/vulnerability-disclosure-privilege-escalation-tightvnc-8165208cce https://www.tightvnc.com/news.php https://www.tightvnc.com/whatsnew.php • CWE-269: Improper Privilege Management •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Additionally, a local attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. • https://fortiguard.com/psirt/FG-IR-22-429 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.1EPSS: 20%CPEs: 166EXPL: 1

This vulnerability allows local attackers to escalate privileges on affected installations of Lexmark MC3224i printers. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://github.com/horizon3ai/CVE-2023-26067 http://packetstormsecurity.com/files/174763/Lexmark-Device-Embedded-Web-Server-Remote-Code-Execution.html https://publications.lexmark.com/publications/security-alerts/CVE-2023-26067.pdf https://support.lexmark.com/alerts • CWE-20: Improper Input Validation •