IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690.
CWE-269
CVE-2022-41115
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability.
CVE-2022-41040
Microsoft Exchange Server Elevation of Privilege Vulnerability.
CVE-2022-40772
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.
CVE-2022-4041
Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.1.
CVE-2022-40297
** DISPUTED ** UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account’s password. NOTE: a third party states “The described attack cannot be executed as demonstrated.”