CVE-2023-3670 – Codesys: Vulnerability in CODESYS Development System and CODESYS Scripting
https://notcve.org/view.php?id=CVE-2023-3670
28 Jul 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of CODESYS Development System. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the Administrator. • https://cert.vde.com/en/advisories/VDE-2023-024 • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-32629 – GameOver(lay) Privilege Escalation / Container Escape
https://notcve.org/view.php?id=CVE-2023-32629
26 Jul 2023 — Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels • https://github.com/k4but0/Ubuntu-LPE • CWE-863: Incorrect Authorization •
CVE-2023-2640 – Canonical Ubuntu OverlayFS File System Missing Authorization Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-2640
26 Jul 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://packetstorm.news/files/id/183270 • CWE-863: Incorrect Authorization •
CVE-2023-37907 – Cryptomator's MSI installer allows local privilege escalation
https://notcve.org/view.php?id=CVE-2023-37907
25 Jul 2023 — Prior to version 1.9.2, the MSI installer provided on the homepage allows local privilege escalation (LPE) for low privileged users, if already installed. ... A simple LPE is possible via a breakout. • https://github.com/cryptomator/cryptomator/commit/b48ebd524b1626bf12ac98e35a7670b868fa208c • CWE-269: Improper Privilege Management •
CVE-2023-28133
https://notcve.org/view.php?id=CVE-2023-28133
23 Jul 2023 — Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file • https://support.checkpoint.com/results/sk/sk181276 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2023-3776 – Use-after-free in Linux kernel's net/sched: cls_fw component
https://notcve.org/view.php?id=CVE-2023-3776
21 Jul 2023 — A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. ... This may allow a local attacker to gain local privilege escalation. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-416: Use After Free •
CVE-2023-3611 – Out-of-bounds write in Linux kernel's net/sched: sch_qfq component
https://notcve.org/view.php?id=CVE-2023-3611
21 Jul 2023 — An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e337087c3b5805fe0b8a46ba622a962880b5d64 • CWE-787: Out-of-bounds Write •
CVE-2023-3610 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-3610
21 Jul 2023 — A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. ... This flaw allows a local attacker with CAP_NET_ADMIN access capability to cause a local privilege escalation problem. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4bedf9eee016286c835e3d8fa981ddece5338795 • CWE-416: Use After Free •
CVE-2023-3609 – Use-after-free in Linux kernel's net/sched: cls_u32 component
https://notcve.org/view.php?id=CVE-2023-3609
21 Jul 2023 — A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. ... This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat. • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-415: Double Free • CWE-416: Use After Free •
CVE-2023-30799 – MikroTik RouterOS Administrator Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-30799
19 Jul 2023 — A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. • https://github.com/MarginResearch/FOISted • CWE-269: Improper Privilege Management •