NotCVE - LPE

Page 94 of 2980 results (0.082 seconds)

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2024-0751 – Mozilla: Privilege escalation through devtools

https://notcve.org/view.php?id=CVE-2024-0751

A malicious devtools extension could have been used to escalate privileges. ... The Mozilla Foundation Security Advisory describes this flaw as: A malicious devtools extension could have been used to escalate privileges. • https://bugzilla.mozilla.org/show_bug.cgi?id=1865689 https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html https://www.mozilla.org/security/advisories/mfsa2024-01 https://www.mozilla.org/security/advisories/mfsa2024-02 https://www.mozilla.org/security/advisories/mfsa2024-04 https://access.redhat.com/security/cve/CVE-2024-0751 https://bugzilla.redhat.com/show_bug.cgi?id=2259932 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0

CVE-2023-52338 – Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2023-52338

A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-24-076 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0

CVE-2023-52337 – Trend Micro Deep Security Improper Access Control Local Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2023-52337

An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-24-075 •

CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2023-6816 – Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer

https://notcve.org/view.php?id=CVE-2023-6816

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • http://www.openwall.com/lists/oss-security/2024/01/18/1 https://access.redhat.com/errata/RHSA-2024:0320 https://access.redhat.com/errata/RHSA-2024:0557 https://access.redhat.com/errata/RHSA-2024:0558 https://access.redhat.com/errata/RHSA-2024:0597 https://access.redhat.com/errata/RHSA-2024:0607 https://access.redhat.com/errata/RHSA-2024:0614 https://access.redhat.com/errata/RHSA-2024:0617 https://access.redhat.com/errata/RHSA-2024:0621 https://access.redhat.com& • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-21885 – Xorg-x11-server: heap buffer overflow in xisenddevicehierarchyevent

https://notcve.org/view.php?id=CVE-2024-21885

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/errata/RHSA-2024:0320 https://access.redhat.com/errata/RHSA-2024:0557 https://access.redhat.com/errata/RHSA-2024:0558 https://access.redhat.com/errata/RHSA-2024:0597 https://access.redhat.com/errata/RHSA-2024:0607 https://access.redhat.com/errata/RHSA-2024:0614 https://access.redhat.com/errata/RHSA-2024:0617 https://access.redhat.com/errata/RHSA-2024:0621 https://access.redhat.com/errata/RHSA-2024:0626 https://access.redhat.com/errata/RHSA • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •

1...92 93 94 95 96