CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-32163 – Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32163
26 May 2023 — Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can leverage this vulne... • https://github.com/LucaBarile/ZDI-CAN-16857 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27908 – Autodesk On-Demand Install Services Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-27908
24 May 2023 — This vulnerability allows local attackers to escalate privileges on affected installations of Autodesk On-Demand Install Services. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0010 • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32168 – D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32168
24 May 2023 — This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. ... An attacker can leverage this vulnerabil... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332 • CWE-285: Improper Authorization •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30382
https://notcve.org/view.php?id=CVE-2023-30382
23 May 2023 — A buffer overflow in the component hl.exe of Valve Half-Life up to 5433873 allows attackers to execute arbitrary code and escalate privileges by supplying crafted parameters. • https://labs.jumpsec.com/advisory-cve-2023-30382-half-life-local-privilege-escalation • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29838
https://notcve.org/view.php?id=CVE-2023-29838
22 May 2023 — Insecure Permission vulnerability found in Botkind/Siber Systems SyncApp v.19.0.3.0 allows a local attacker toe escalate privileges via the SyncService.exe file. • https://github.com/IthacaLabs/Botkind/blob/main/Botkind_SyncApp/WeakServicePermissions_InsecureServiceExecutable_CVE-2023-29838.txt • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-31748 – MobileTrans 4.0.11 - Weak Service Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-31748
19 May 2023 — Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file. • https://www.exploit-db.com/exploits/51479 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-33240
https://notcve.org/view.php?id=CVE-2023-33240
19 May 2023 — Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. • https://www.foxit.com/support/security-bulletins.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-4418
https://notcve.org/view.php?id=CVE-2022-4418
18 May 2023 — Local privilege escalation due to unrestricted loading of unsigned libraries. • https://security-advisory.acronis.com/advisories/SEC-4729 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-45452
https://notcve.org/view.php?id=CVE-2022-45452
18 May 2023 — Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-3967 • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •
CVSS: 5.0EPSS: 0%CPEs: -EXPL: 0CVE-2023-32246 – Linux Kernel ksmbd RCU Callback Race Condition Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32246
17 May 2023 — An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. •