CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34394 – Keysight N6845A Relative Path Traversal
https://notcve.org/view.php?id=CVE-2023-34394
19 Jul 2023 — In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition. This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. ... An attacker can leverage this vulnerability to escalate privileges and execute arbi... • https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02 • CWE-23: Relative Path Traversal CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36853 – Keysight Geolocation Server Exposed Dangerous Method or Function
https://notcve.org/view.php?id=CVE-2023-36853
19 Jul 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02 • CWE-427: Uncontrolled Search Path Element CWE-749: Exposed Dangerous Method or Function •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32155 – Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32155
18 Jul 2023 — Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. ... Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. ... Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-23-971 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-30989 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-30989
16 Jul 2023 — IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254017 • CWE-269: Improper Privilege Management •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-30988 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-30988
16 Jul 2023 — The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254016 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37849
https://notcve.org/view.php?id=CVE-2023-37849
13 Jul 2023 — A DLL hijacking vulnerability in Panda Security VPN for Windows prior to version v15.14.8 allows attackers to execute arbitrary code via placing a crafted DLL file in the same directory as PANDAVPN.exe. Una vulnerabilidad de secuestro de DLL en Panda Security VPN para Windows anterior a la versión v15.14.8 permite a los atacantes ejecutar código arbitrario mediante la colocación de un archivo DLL manipulado en el mismo directorio que "PANDAVPN.exe". • https://heegong.github.io/posts/Local-privilege-escalation-in-Panda-Dome-VPN-for-Windows-Installer • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38100 – NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-38100
13 Jul 2023 — This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. An attacker can leverage this vulnerability to escalate privileges to resources normally p... • https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38102 – NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-38102
13 Jul 2023 — This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. An attacker can leverage this vulnerability to escalate privileges to resources normally p... • https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025 • CWE-862: Missing Authorization •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32050 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-32050
11 Jul 2023 — Windows Installer Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32050 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-42082 – Local Privilege Escalation to root in OSNEXUS QuantaStor before 6.0.0.355
https://notcve.org/view.php?id=CVE-2021-42082
10 Jul 2023 — Local users are able to execute scripts under root privileges. • https://csirt.divd.nl/CVE-2021-42082 • CWE-269: Improper Privilege Management •