CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-32162 – Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32162
26 May 2023 — Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the WacomInstallI.txt file by the PrefUtil.exe utility. The issue results from incorrect permissions on the W... • https://github.com/LucaBarile/ZDI-CAN-16318 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-32163 – Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-32163
26 May 2023 — Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tablet Service. By creating a symbolic link, an attacker can abuse the service to create a file. • https://github.com/LucaBarile/ZDI-CAN-16857 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.3EPSS: 4%CPEs: 3EXPL: 3CVE-2022-38604
https://notcve.org/view.php?id=CVE-2022-38604
11 Apr 2023 — Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion vulnerability. • https://github.com/LucaBarile/CVE-2022-38604 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.6EPSS: 1%CPEs: 2EXPL: 3CVE-2022-43293
https://notcve.org/view.php?id=CVE-2022-43293
11 Apr 2023 — Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe. • https://github.com/LucaBarile/CVE-2022-43293 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-0110
https://notcve.org/view.php?id=CVE-2013-0110
08 Apr 2013 — nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program. nvSCPAPISvr.exe en el servicio del controlador NVIDIA Stereoscopic 3D, y distribuido con el controlador NVIDIA anterior a v307.78, y Release v310 anterior a v311.00, en Windows, falta el carácter "(comillas dobles) en la ruta d... • http://www.kb.cert.org/vuls/id/957036 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-0111
https://notcve.org/view.php?id=CVE-2013-0111
08 Apr 2013 — daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program. daemonu.exe (también conocido como NVIDIA Update Service Daemon), distribuido con los controladores NVIDIA anterior a v307.78 y Release v310 anterior a v311.00, en Windows, le falta el carácter "(comillas dobles) en la ruta del servicio,... • http://www.kb.cert.org/vuls/id/957036 •