CVSS: 9.1EPSS: %CPEs: 1EXPL: 0CVE-2024-48920 – PutongOJ: unprivileged users can escalate privileges by constructing requests
https://notcve.org/view.php?id=CVE-2024-48920
Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. • https://github.com/acm309/PutongOJ/commit/211dfe9ebf1c6618ce5396b0338de4f9b580715e#diff-782628b47d666d5d551e040815ca3f80c0704397258718f0e0f31164608ea7beL118-R120 https://github.com/acm309/PutongOJ/releases/tag/v2.1.0-beta.1 https://github.com/acm309/PutongOJ/security/advisories/GHSA-gj6h-73c5-xw6f • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2024-49389
https://notcve.org/view.php?id=CVE-2024-49389
Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-5319 • CWE-276: Incorrect Default Permissions •
CVSS: 7.3EPSS: %CPEs: 1EXPL: 0CVE-2024-49390
https://notcve.org/view.php?id=CVE-2024-49390
Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-5845 • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.7EPSS: %CPEs: 1EXPL: 0CVE-2024-49391
https://notcve.org/view.php?id=CVE-2024-49391
Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7220 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-48903 – Trend Micro Deep Security Improper Access Control Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-48903
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •