
CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

12 Feb 2025 — An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file. • https://hkohi.ca/vulnerability/12 • CWE-269: Improper Privilege Management

CVSS: 6.5 • EPSS: 0% • CPEs: - • EXPL: 0

12 Feb 2025 — An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting. • https://github.com/mayswind/ezbookkeeping/issues/33 • CWE-799: Improper Control of Interaction Frequency

CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

12 Feb 2025 — An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component. • https://github.com/mayswind/ezbookkeeping/issues/33 • CWE-276: Incorrect Default Permissions

CVSS: 5.4 • EPSS: 0% • CPEs: - • EXPL: 0

12 Feb 2025 — Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to escalate privileges via the /fuel/blocks/ and /fuel/pages components. • https://hkohi.ca/vulnerability/3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.8 • EPSS: 0% • CPEs: 26 • EXPL: 0

11 Feb 2025 — Windows Installer Elevation of Privilege Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21373 • CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVSS: 6.7 • EPSS: 0% • CPEs: 3 • EXPL: 0

11 Feb 2025 — An Improper Access Control vulnerability [CWE-284] in FortiClient Windows version 7.4.0, version 7.2.6 and below, version 7.0.13 and below may allow a local user to escalate his privileges via FortiSSLVPNd service pipe. • https://fortiguard.fortinet.com/psirt/FG-IR-23-279 • CWE-284: Improper Access Control

CVSS: 9.0 • EPSS: 0% • CPEs: 5 • EXPL: 0

11 Feb 2025 — An incorrect privilege assignment vulnerability [CWE-266] in Fortinet FortiOS version 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9 and before 7.0.15 allows an authenticated admin whose access profile has the Security Fabric permission to escalate their privileges to super-admin by connecting the targeted FortiGate to a malicious upstream FortiGate they control. • https://fortiguard.fortinet.com/psirt/FG-IR-24-302 • CWE-266: Incorrect Privilege Assignment

CVSS: 6.7 • EPSS: 0% • CPEs: 2 • EXPL: 0

11 Feb 2025 — This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch the script from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-637914.html • CWE-427: Uncontrolled Search Path Element

CVSS: 6.8 • EPSS: 0% • CPEs: - • EXPL: 1

11 Feb 2025 — An issue in the SharedConfig class of Telegram Android APK v.11.7.0 allows a physically proximate attacker to bypass authentication and escalate privileges by manipulating the return value of the checkPasscode method. • https://github.com/SAHALLL/CVE-2024-54916 • CWE-863: Incorrect Authorization

CVSS: 7.8 • EPSS: 0% • CPEs: 7 • EXPL: 0

10 Feb 2025 — The overflow may cause local privilege escalation. • https://git.kernel.org/stable/c/dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33