CVE-2024-7248 – Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7248
An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-953 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-40396
https://notcve.org/view.php?id=CVE-2023-40396
An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 •
CVE-2023-42959
https://notcve.org/view.php?id=CVE-2023-42959
An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213940 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2024-6726 – Remote Code Execution (RCE) in Delphix
https://notcve.org/view.php?id=CVE-2024-6726
Versions of Delphix Engine prior to Release 25.0.0.0 contain a flaw which results in Remote Code Execution (RCE). • https://portal.perforce.com/s/detail/a91PA000001SUDtYAO • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-41799 – tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users
https://notcve.org/view.php?id=CVE-2024-41799
A server configured to execute in BYOND's trusted security level (requiring a third separate, isolated privilege OR being set by another user) could lead to this escalating into remote code execution via BYOND's shell() proc. • https://github.com/tgstation/tgstation-server/commit/374852fe5ae306415eb5aafb2d16b06897d7afe4 https://github.com/tgstation/tgstation-server/pull/1835 https://github.com/tgstation/tgstation-server/security/advisories/GHSA-c3h4-9gc2-f7h4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •