How severe is CVE-2023-50914?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2023-50914?

This is classified as CWE-279, which is a common weakness in software security.

CVE-2023-50914

MEDIUM Year: 2023

CVSS v3 Score

6.7

Medium

Weakness Type

CWE-279

View all →

Vulnerability Description

A Privilege Escalation issue in the inter-process communication procedure from GOG Galaxy (Beta) 2.0.67.2 through v2.0.71.2 allows authentictaed users to change the DACL of arbitrary system directories to include Everyone full control permissions by modifying the FixDirectoryPrivileges instruction parameters sent from GalaxyClient.exe to GalaxyClientService.exe.

CVE-2024-37025

MEDIUM

CVSS:6.7(Medium)

Incorrect execution-assigned permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installer before version 23.1.1 may allow an authenticated user to potentially enable escalat...

CWE-2792024

CVE-2023-3915

HIGH

CVSS:7.2(High)

An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. If an e...

CWE-2792023

CVE-2023-4383

HIGH

CVSS:7.8(High)

A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect exe...

CWE-2792023

CVE-2024-11220

HIGH

CVSS:7.8(High)

A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file o...

CWE-2792024

CVE-2025-22843

HIGH

CVSS:7.8(High)

Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via local a...

CWE-2792025