CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-0181
https://notcve.org/view.php?id=CVE-2023-0181
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-276: Incorrect Default Permissions CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-0180
https://notcve.org/view.php?id=CVE-2023-0180
NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-24483 – Privilege Escalation to NT AUTHORITY\SYSTEM on the vulnerable VDA
https://notcve.org/view.php?id=CVE-2023-24483
A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA. • https://support.citrix.com/article/CTX477616/citrix-virtual-apps-and-desktops-security-bulletin-for-cve202324483 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-24484 – A malicious user can cause log files to be written to a directory that they do not have permission to write to.
https://notcve.org/view.php?id=CVE-2023-24484
A malicious user can cause log files to be written to a directory that they do not have permission to write to. • https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-24485 – Privilege Escalation on the system running a vulnerable version of Citrix Workspace app for Windows
https://notcve.org/view.php?id=CVE-2023-24485
Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app. • https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •