CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-32479 – Dell Security Management Server Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-32479
06 Feb 2024 — Dell Security Management Server versions prior to 11.9.0 suffer from a local privilege escalation vulnerability. • https://www.dell.com/support/kbdoc/en-us/000215881/dsa-2023-260 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31006 – IBM Security Access Manager Container denial of service
https://notcve.org/view.php?id=CVE-2023-31006
03 Feb 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254776 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31004 – IBM Security Access Manager Container gain access
https://notcve.org/view.php?id=CVE-2023-31004
03 Feb 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254765 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32329 – IBM Security Access Manager Container improper file validation
https://notcve.org/view.php?id=CVE-2023-32329
03 Feb 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254972 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31005 – IBM Security Access Manager Container privilege escalation
https://notcve.org/view.php?id=CVE-2023-31005
03 Feb 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254767 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-51939
https://notcve.org/view.php?id=CVE-2023-51939
01 Feb 2024 — An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function. • https://gist.github.com/liang-junkai/1b59487c0f7002fa5da98035b53e409f • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0833 – Privilege Elevation via Telerik Test Studio
https://notcve.org/view.php?id=CVE-2024-0833
31 Jan 2024 — In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/teststudio/knowledge-base/product-notices-kb/legacy-installer-vulnerability • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0832 – Privilege Elevation via Telerik Reporting Installer
https://notcve.org/view.php?id=CVE-2024-0832
31 Jan 2024 — In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/reporting/knowledge-base/legacy-installer-vulnerability • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0219 – Privilege Elevation via Telerik JustDecompile Installer
https://notcve.org/view.php?id=CVE-2024-0219
31 Jan 2024 — In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/devtools/justdecompile/knowledge-base/legacy-installer-vulnerability • CWE-269: Improper Privilege Management •
CVSS: 8.4EPSS: 1%CPEs: 3EXPL: 7CVE-2023-6246 – Glibc: heap-based buffer overflow in __vsyslog_internal()
https://notcve.org/view.php?id=CVE-2023-6246
31 Jan 2024 — This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. • https://github.com/elpe-pinillo/CVE-2023-6246 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •