CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21114 – Oracle VirtualBox VirtIOCore Buffer Overflow Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21114
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21112 – Oracle VirtualBox AHCI Controller Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21112
An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21110 – Oracle VirtualBox Guest Additions Improper Access Control Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21110
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root on the target guest system. • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-284: Improper Access Control •
CVSS: 4.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-31760
https://notcve.org/view.php?id=CVE-2024-31760
An issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows an attacker to escalate privileges via the Session Expiration component. • https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158 https://github.com/flipped-aurora/gin-vue-admin/issues/1324 https://github.com/menghaining/PoC/blob/main/gin-vue-admin/gin-vue-admin--PoC.md • CWE-266: Incorrect Privilege Assignment •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-31759
https://notcve.org/view.php?id=CVE-2024-31759
An issue in sanluan PublicCMS v.4.0.202302.e allows an attacker to escalate privileges via the change password function. • https://1drv.ms/v/s%21AmTWEcd1YDpUjgoJ8lkA8pN8zYEJ?e=gIlbGf https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158 https://github.com/menghaining/PoC/blob/main/PublicCMS/publishCMS--PoC.md • CWE-284: Improper Access Control •