Important: kernel

Issue Overview: A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...

CVE-2023-4211

CVE-2023-4211 affects the Arm Mali GPU Kernel Driver. The issue is a use-after-free/resource management error in the Mali driver that allows a local, non-privileged user to perform improper GPU memory processing and access freed memory. Impact is limited to confidentiality (high impact) with no d...

CVE-2022-4956

A vulnerability classified as critical has been found in Caphyon Advanced Installer 19.7. This affects an unknown part of the component WinSxS DLL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may ...

PT-2023-15939 · Caphyon · Caphyon Advanced Installer

Name of the Vulnerable Software and Affected Versions: Caphyon Advanced Installer version 19.7 Description: A critical vulnerability has been found in the WinSxS DLL Handler component of Caphyon Advanced Installer. The manipulation leads to an uncontrolled search path. Attacking locally is a...

Microsoft Error Reporting Local Privilege Elevation Exploit

This Metasploit module takes advantage of a bug in the way Windows error reporting opens the report parser. If you open a report, Windows uses a relative path to locate the rendering program. By creating a specific alternate directory structure, we can coerce Windows into opening an arbitrary...

PT-2023-31479 · Topaz Ofd · Topaz Ofd

Name of the Vulnerable Software and Affected Versions: Topaz OFD version 2.11.0.201 Description: A problematic vulnerability was found in Topaz OFD, affecting an unknown part of the file C:Program FilesTopaz OFDWarsawcore.exe of the component Protection Module Warsaw. The manipulation leads to an...

kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()

An out-of-bounds OOB memory access flaw was found in the Netfilter module in the Linux kernel's nftbyteordereval in net/netfilter/nftbyteorder.c. A bound check failure allows a local attacker with CAPNETADMIN access to cause a local privilege escalation issue due to incorrect data alignment...

CVE-2023-20849

The CVE-2023-20849 vulnerability is in the imgsys_cmdq component and is caused by missing valid range checking, leading to a use-after-free that can enable local privilege escalation with SYSTEM privileges. Exploitation requires user interaction. Affected context references MediaTek-related discl...

CVE-2023-4383

A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been...

CVE-2023-21275

In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...

CVE-2023-21290

In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21280

In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-20782

In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550103...

UBUNTU-CVE-2023-4004

A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nftpipaporemove function with the element, without a NFTSETEXTKEYEND. This issue could allow a local user to crash the system or potentially escalate their privileges on the system...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6248-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6248-1 advisory. It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local...

PT-2023-4945 · Ibm · Ibm Qradar Wincollect Agent

Name of the Vulnerable Software and Affected Versions: IBM QRadar WinCollect Agent versions 10.0 through 10.1.6 Description: The issue is related to insufficient access control in the IBM QRadar WinCollect Agent, which can be exploited by a remote attacker to elevate their privileges. A normal us...

CVE-2023-3609

CVE-2023-3609 is a Linux kernel use-after-free in the net/sched: cls_u32 classifier. The flaw arises when tcf_change_indev() fails; u32_set_parms() returns after updating the reference counter in tcf_bind_filter(), and an attacker who can manipulate the reference counter to zero can cause the ref...

CVE-2023-30906

The vulnerability could be locally exploited to allow escalation of privilege...

Privilege escalation

The vulnerability could be locally exploited to allow escalation of privilege...

CVE-2023-30906

The vulnerability could be locally exploited to allow escalation of privilege...