CVSS: 6.7EPSS: 0%CPEs: 63EXPL: 0CVE-2023-20653
https://notcve.org/view.php?id=CVE-2023-20653
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2023-20687
https://notcve.org/view.php?id=CVE-2023-20687
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 56EXPL: 0CVE-2023-20664
https://notcve.org/view.php?id=CVE-2023-20664
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2023 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1412 – Local Privilege Escalation Vulnerability in WARP's MSI Installer
https://notcve.org/view.php?id=CVE-2023-1412
This can lead to a variety of attacks, including the manipulation of system files and privilege escalation. PatchesA new installer with a fix that addresses this vulnerability was released in version 2023.3.381.0. • https://developers.cloudflare.com/warp-client/get-started/windows https://github.com/cloudflare/advisories/security/advisories/GHSA-hgxh-48m3-3gq7 https://install.appcenter.ms/orgs/cloudflare/apps/1.1.1.1-windows-1/distribution_groups/release • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27347 – G DATA Total Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-27347
G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-23-379 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •