| 425 | Multiple vulnerabilities in Nokia BTS Airscale ASIKA |
Base transceiver station
Path traversal
Hardcoded private key
Local Privilege Escalation
Security misconfiguration |
Nokia |
Geoffrey Bertoli (@YofBalibump) |
Bug Bounty | 2023-02-21 | 2023-06-13 |
| 422 | Trellix Advanced Research Center Discovers a New Privilege Escalation Bug Class on macOS and iOS |
Local Privilege Escalation |
Apple (macOS) |
Austin Emmitt (@alkalinesec) |
Bug Bounty | 2023-02-21 | 2023-06-13 |
| 407 | LogicalDOC Vulnerability Disclosure |
XXE
RCE
Command injection
Privilege escalation |
LogicalDOC |
Brett DeWall (@xbadbiddyx) |
Bug Bounty | 2023-02-23 | 2023-06-13 |
| 396 | From CVE-2022-33679 to Unauthenticated Kerberoasting |
Kerberos
MiTM
Local Privilege Escalation
Downgrade attack |
Microsoft (Windows) |
Trampas Howe (@trampashowe) |
Bug Bounty | 2023-02-25 | 2023-06-13 |
| 394 | Give me a browser, I’ll give you a Shell |
Local Privilege Escalation
Kiosk hacking |
NA |
Rend |
Bug Bounty | 2023-02-25 | 2023-06-13 |
| 356 | Bypass TCC via iCloud |
TCC bypass
Local Privilege Escalation |
Apple (macOS) |
Wojciech Reguła (@_r3ggi) |
Bug Bounty | 2023-03-04 | 2023-06-13 |
| 326 | Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation) |
Local Privilege Escalation
IoT |
NA |
Sean Pesce (@SeanPesce) |
Bug Bounty | 2023-03-09 | 2023-06-13 |
| 309 | Veeam Backup and Replication CVE-2023-27532 Deep Dive |
Local Privilege Escalation |
Veeam |
James Horseman (@JamesHorseman2) |
Bug Bounty | 2023-03-13 | 2023-06-13 |
| 306 | Your Browser is Not a Safe Space |
Local Privilege Escalation
Lateral movement |
NA |
Corey Ham |
Bug Bounty | 2023-03-14 | 2023-06-13 |
| 305 | Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability |
Privilege escalation
NTLM |
Microsoft (Outlook) |
Dominic Chell (@domchell) |
Bug Bounty | 2023-03-14 | 2023-06-13 |
| 300 | AD Security Research: Breaking Trust Transitivity |
Active Directory Privilege Escalation |
Microsoft (Windows) |
Charlie Clark (@exploitph) |
Bug Bounty | 2023-03-14 | 2023-06-13 |
| 276 | Windows Installer EOP (CVE-2023-21800) |
Local Privilege Escalation |
Microsoft (Windows) |
Adrian Denkiewicz |
Bug Bounty | 2023-03-21 | 2023-06-13 |
| 274 | Improper Privilege Management in Grails Spring Security Core <= 5.1.0 (CVE-2022-41923) |
Privilege escalation
Authorization bypass |
Grails |
Benjamin Sepe (@Butanal_C4H8O) |
Bug Bounty | 2023-03-21 | 2023-06-13 |
| 270 | Escalating Privileges with Azure Function Apps |
Privilege escalation
Cloud
Container escape
RCE |
Microsoft (Azure) |
Karl Fosaaen (@kfosaaen) |
Bug Bounty | 2023-03-23 | 2023-06-13 |
| 261 | Dynamic Linking Injection and LOLBAS Fun |
DLL Hijacking
Dynamic-linking injection
Local Privilege Escalation |
NA |
Joseph Henry |
Bug Bounty | 2023-03-28 | 2023-06-13 |
| 259 | High severity vulnerability fixed in WordPress Elementor Pro plugin. |
Broken Access Control
Privilege Escalation
Security code review |
Elementor |
Jerome Bruandet |
Bug Bounty | 2023-03-28 | 2023-06-13 |
| 255 | BingBang: The AAD misconfiguration that led to Bing.com results manipulation and account takeover explained |
Account takeover
Azure AD
Cloud
XSS
Privilege escalation |
Microsoft (Bing) |
Hillai Ben-Sasson (@hillai) |
Bug Bounty | 2023-03-29 | 2023-06-13 |
| 253 | Hacking Admin Panel & Getting free subscription |
Exposed registration API
Privilege escalation
Account takeover |
NA |
Zeeshan Mustafa (@by6153) |
Bug Bounty | 2023-03-29 | 2023-06-13 |
| 233 | CyberGhostVPN - the story of finding MITM, RCE, LPE in the Linux client |
RCE
MiTM
Local Privilege Escalation |
CyberGhost |
mmmds |
Bug Bounty | 2023-04-03 | 2023-06-13 |
| 228 | Windows Task Scheduler Application, Version 19044.1706 Advisory |
Unquoted search path
Local Privilege Escalation |
Microsoft (Windows) |
Ben Lincoln (@0x00C651E0) |
Bug Bounty | 2023-04-04 | 2023-06-13 |
| 227 | Microsoft Intune, Version 1.55.48.0 Advisory |
Unquoted search path
Local Privilege Escalation |
Microsoft (Intune) |
Ben Lincoln (@0x00C651E0) |
Bug Bounty | 2023-04-04 | 2023-06-13 |
| 224 | Bash Privileged-mode Vulnerabilities In Parallels Desktop And CDPATH Handling In MacOS |
MacoS
Local Privilege Escalation |
Parallels |
Reno Robert (@renorobertr) |
Bug Bounty | 2023-04-06 | 2023-06-13 |
| 210 | From listKeys to Glory: How We Achieved a Subscription Privilege Escalation and RCE by Abusing Azure Storage Account Keys |
Cloud
Privilege escalation |
Microsoft (Azure) |
Roi Nisimi (@) |
Bug Bounty | 2023-04-11 | 2023-06-13 |
| 202 | CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd |
Local Privilege Escalation |
shadow-utils |
Tom Neaves |
Bug Bounty | 2023-04-12 | 2023-06-13 |
| 197 | User impersonation via stolen UUID code in KeyCloak (CVE-2023-0264) |
OAuth
OpenID Connect
Privilege escalation
Authentication flaw |
Keycloack |
Jordi Zayuelas i Muñoz |
Bug Bounty | 2023-04-14 | 2023-06-13 |
