CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0413 – Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-0413
04 Feb 2025 — Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitr... • https://kb.parallels.com/130212 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35177 – Improper Access Control in wazuh-agent
https://notcve.org/view.php?id=CVE-2024-35177
03 Feb 2025 — The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by placing one of the many DLL that are loaded and not present on the system in the installation folder of the agent OR by replacing the service executable binary itself with a malicious one. ... Many DLLs are loaded from the installation folder and by creating a m... • https://github.com/wazuh/wazuh/security/advisories/GHSA-pmr2-2r83-h3cv • CWE-284: Improper Access Control •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20642
https://notcve.org/view.php?id=CVE-2025-20642
03 Feb 2025 — This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20641
https://notcve.org/view.php?id=CVE-2025-20641
03 Feb 2025 — This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20639
https://notcve.org/view.php?id=CVE-2025-20639
03 Feb 2025 — This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20142
https://notcve.org/view.php?id=CVE-2024-20142
03 Feb 2025 — This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20141
https://notcve.org/view.php?id=CVE-2024-20141
03 Feb 2025 — This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-123: Write-what-where Condition •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20636
https://notcve.org/view.php?id=CVE-2025-20636
03 Feb 2025 — This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2025-20635
https://notcve.org/view.php?id=CVE-2025-20635
03 Feb 2025 — This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20631
https://notcve.org/view.php?id=CVE-2025-20631
03 Feb 2025 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •