CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-45067
https://notcve.org/view.php?id=CVE-2024-45067
14 May 2025 — Incorrect default permissions in some Intel(R) Gaudi(R) software installers before version 1.18 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01271.html • CWE-276: Incorrect Default Permissions •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0131 – GlobalProtect App: Incorrect Privilege Management Vulnerability in OPSWAT MetaDefender Endpoint Security SDK
https://notcve.org/view.php?id=CVE-2025-0131
14 May 2025 — An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit. • https://security.paloaltonetworks.com/CVE-2025-0131 • CWE-266: Incorrect Privilege Assignment •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30664 – Zoom Workplace Apps - Improper Neutralization of Special Elements
https://notcve.org/view.php?id=CVE-2025-30664
14 May 2025 — Improper neutralization of special elements in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. • https://www.zoom.com/en/trust/security-bulletin/zsb-25017 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30663 – Zoom Workplace Apps - Time-of-check Time-of-use
https://notcve.org/view.php?id=CVE-2025-30663
14 May 2025 — Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. • https://www.zoom.com/en/trust/security-bulletin/zsb-25016 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-3931 – Yggdrasil: local privilege escalation in yggdrasil
https://notcve.org/view.php?id=CVE-2025-3931
14 May 2025 — This issue results in local privilege escalation, enabling the attacker to access and modify sensitive system data. ... Este problema provoca una escalada de privilegios local, lo que permite al atacante acceder y modificar datos confidenciales del sistema. ... Issues addressed include a privilege escalation vulnerability. • https://access.redhat.com/errata/RHSA-2025:7592 • CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-48869
https://notcve.org/view.php?id=CVE-2024-48869
13 May 2025 — Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) may allow a privileged user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01268.html • CWE-1256: Improper Restriction of Software Interfaces to Hardware Features •
CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-47800
https://notcve.org/view.php?id=CVE-2024-47800
13 May 2025 — Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01253.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-47795
https://notcve.org/view.php?id=CVE-2024-47795
13 May 2025 — Uncontrolled search path for some Intel(R) oneAPI DPC++/C++ Compiler software before version 2025.0.0 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01243.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-47550
https://notcve.org/view.php?id=CVE-2024-47550
13 May 2025 — Incorrect default permissions for some Endurance Gaming Mode software installers may allow an authenticated user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01254.html • CWE-276: Incorrect Default Permissions •
CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-46895
https://notcve.org/view.php?id=CVE-2024-46895
13 May 2025 — Uncontrolled search path for some Intel(R) Arc™ & Iris(R) Xe graphics software before version 32.0.101.6083/32.0.101.5736 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01253.html • CWE-427: Uncontrolled Search Path Element •