CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2024-56334 – Command injection vulnerability in getWindowsIEEE8021x (SSID) function in systeminformation
https://notcve.org/view.php?id=CVE-2024-56334
This vulnerability may enable an attacker, depending on how the package is used, to perform remote code execution or local privilege escalation. • https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-cvv5-9h9w-qp2m https://github.com/sebhildebrandt/systeminformation/commit/f7af0a67b78e7894335a6cad510566a25e06ae41 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: %CPEs: -EXPL: 0CVE-2024-37758
https://notcve.org/view.php?id=CVE-2024-37758
Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows authenticated attackers to escalate privileges. • https://medium.com/@hamzanadeem1337/unauthorized-full-vertical-privilege-escalation-in-digiteam-sales-gamification-portal-version-4-21-0-c3e3282e9053 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 1CVE-2024-12786 – X1a0He Adobe Downloader XPC Service com.x1a0he.macOS.Adobe-Downloader.helper shouldAcceptNewConnection privileges management
https://notcve.org/view.php?id=CVE-2024-12786
The manipulation leads to improper privilege management. ... Durch das Manipulieren mit unbekannten Daten kann eine improper privilege management-Schwachstelle ausgenutzt werden. • submit.464685 https://winslow1984.com/books/cve-collection/page/adobe-downloader-131-local-privilege-escalation • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35141 – IBM Security Verify Access privilege escalation
https://notcve.org/view.php?id=CVE-2024-35141
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges. IBM Security Verify Access Docker 10.0.0 a 10.0.6 podría permitir que un usuario local aumente sus privilegios debido a la ejecución de privilegios innecesarios. • https://www.ibm.com/support/pages/node/7155356 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12831 – Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-12831
Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. ... An attacker can leverage this to escalate privileges to resources normally protected from the user. ... This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. ... An attacker can leverage this to escalate privileges to resources normally protected from the user. • https://www.zerodayinitiative.com/advisories/ZDI-24-1720 • CWE-863: Incorrect Authorization •