CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5299 – Fuji Electric Tellus Lite V-Simulator Improper Access Control
https://notcve.org/view.php?id=CVE-2023-5299
22 Nov 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of Fuji Electric Tellus Lite. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of any user of the software. • https://felib.fujielectric.co.jp/en/M10009/M20034/document_detail/c27d5b69-68ef-4af5-90ee-b5dab118f71a • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47350
https://notcve.org/view.php?id=CVE-2023-47350
22 Nov 2023 — Cross-Site Request Forgery (CSRF) vulnerability in SwiftyEdit Content Management System prior to v1.2.0, allows remote attackers to escalate privileges via the user password update functionality. • https://github.com/SwiftyEdit/SwiftyEdit/commit/90a6f3df16cd1578b2827d7b2e073451f7ce4e47 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-47172
https://notcve.org/view.php?id=CVE-2023-47172
20 Nov 2023 — Certain WithSecure products allow Local Privilege Escalation. • https://www.withsecure.com/en/support/security-advisories/cve-2023-47172 •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44449 – NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-44449
20 Nov 2023 — This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. An attacker can leverage this vulnerability to escalate privileges to resources normally p... • https://kb.netgear.com/000065866/Security-Advisory-for-Multiple-Vulnerabilities-on-the-NMS300-PSV-2023-0114-PSV-2023-0115 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-44796
https://notcve.org/view.php?id=CVE-2023-44796
17 Nov 2023 — Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote attacker to escalate privileges via a crafted script to the _generaloptions_panel.php component. • https://github.com/Hebing123/CVE-2023-44796/issues/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6111 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-6111
14 Nov 2023 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93995bf4af2c5a99e2a87f0cd5ce547d31eb7630 • CWE-416: Use After Free •
CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-45794
https://notcve.org/view.php?id=CVE-2023-45794
14 Nov 2023 — This could allow authenticated attackers to access or modify objects without proper authorization, or escalate privileges in the context of the vulnerable app. • https://cert-portal.siemens.com/productcert/pdf/ssa-084182.pdf • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-6006 – Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-6006
14 Nov 2023 — This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM Esta vulnerabilidad permite a atacantes locales escalar privilegios en las instalaciones afectadas de PaperCut NG. ... • https://www.papercut.com/kb/Main/CommonSecurityQuestions • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47192 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-47192
14 Nov 2023 — An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47193 – Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-47193
14 Nov 2023 — An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US • CWE-346: Origin Validation Error •