CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2024-20010
https://notcve.org/view.php?id=CVE-2024-20010
05 Feb 2024 — In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-20006
https://notcve.org/view.php?id=CVE-2024-20006
05 Feb 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31006 – IBM Security Access Manager Container denial of service
https://notcve.org/view.php?id=CVE-2023-31006
03 Feb 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://packetstorm.news/files/id/182466 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31004 – IBM Security Access Manager Container gain access
https://notcve.org/view.php?id=CVE-2023-31004
03 Feb 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://packetstorm.news/files/id/182466 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2023-32329 – IBM Security Access Manager Container improper file validation
https://notcve.org/view.php?id=CVE-2023-32329
03 Feb 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://packetstorm.news/files/id/182466 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-31005 – IBM Security Access Manager Container privilege escalation
https://notcve.org/view.php?id=CVE-2023-31005
03 Feb 2024 — IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a local user to escalate their privileges due to an improper security configuration. ... IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 a 10.0.6.1 e IBM Security Verify Access Docker 10.0.0.0 a 10.0.6.1) podría permitir a un usuario local escalar sus privilegios debido a una confi... • https://packetstorm.news/files/id/182466 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-51939
https://notcve.org/view.php?id=CVE-2023-51939
01 Feb 2024 — An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function. • https://gist.github.com/liang-junkai/1b59487c0f7002fa5da98035b53e409f • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0833 – Privilege Elevation via Telerik Test Studio
https://notcve.org/view.php?id=CVE-2024-0833
31 Jan 2024 — In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/teststudio/knowledge-base/product-notices-kb/legacy-installer-vulnerability • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0832 – Privilege Elevation via Telerik Reporting Installer
https://notcve.org/view.php?id=CVE-2024-0832
31 Jan 2024 — In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/reporting/knowledge-base/legacy-installer-vulnerability • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0219 – Privilege Elevation via Telerik JustDecompile Installer
https://notcve.org/view.php?id=CVE-2024-0219
31 Jan 2024 — In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. • https://docs.telerik.com/devtools/justdecompile/knowledge-base/legacy-installer-vulnerability • CWE-269: Improper Privilege Management •