CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-44219
https://notcve.org/view.php?id=CVE-2023-44219
27 Oct 2023 — A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0016 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34057
https://notcve.org/view.php?id=CVE-2023-34057
27 Oct 2023 — VMware Tools contains a local privilege escalation vulnerability. ... VMware Tools contains a local privilege escalation vulnerability. • https://www.vmware.com/security/advisories/VMSA-2023-0024.html • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5622 – Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-5622
26 Oct 2023 — Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file. ... This vulnerability allows local attackers to escalate privileges on affected installations of Tenable Nessus Network Monitor. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.tenable.com/security/tns-2023-34 • CWE-269: Improper Privilege Management •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-5574 – Xorg-x11-server: use-after-free bug in damagedestroy
https://notcve.org/view.php?id=CVE-2023-5574
25 Oct 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/errata/RHSA-2024:2298 • CWE-416: Use After Free •
CVSS: 7.4EPSS: 0%CPEs: 10EXPL: 0CVE-2023-5380 – Xorg-x11-server: use-after-free bug in destroywindow
https://notcve.org/view.php?id=CVE-2023-5380
25 Oct 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/errata/RHSA-2023:7428 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2023-5367 – Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty
https://notcve.org/view.php?id=CVE-2023-5367
25 Oct 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/errata/RHSA-2023:6802 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2023-5717 – Out-of-bounds write in Linux kernel's Linux Kernel Performance Events (perf) component
https://notcve.org/view.php?id=CVE-2023-5717
25 Oct 2023 — A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. ... This issue may lead to a system crash, code execution, or local privilege escalation. • https://github.com/uthrasri/CVE-2023-5717 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-44794
https://notcve.org/view.php?id=CVE-2023-44794
25 Oct 2023 — An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL. • https://github.com/dromara/Sa-Token/issues/515 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46584
https://notcve.org/view.php?id=CVE-2023-46584
25 Oct 2023 — SQL Injection vulnerability in PHPGurukul Nipah virus (NiV) " Testing Management System v.1.0 allows a remote attacker to escalate privileges via a crafted request to the new-user-testing.php endpoint. • https://github.com/rumble773/sec-research/blob/main/NiV/CVE-2023-46584.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-43506 – Local Privilege Escalation in ClearPass OnGuard Linux Agent
https://notcve.org/view.php?id=CVE-2023-43506
24 Oct 2023 — A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance. Una vulnerabilidad en el agente de Linux ClearPass OnGuard podría permitir a usuarios malintencionados elevar sus privilegios de usuario a aquellos de una función superior. Un exploit exitoso permite a usuarios malintencionados eje... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt • CWE-269: Improper Privilege Management •