CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9392
https://notcve.org/view.php?id=CVE-2018-9392
04 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-11872 – Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-11872
04 Dec 2024 — Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Epic Games Launcher. This vulnerability allows local attackers to escalate privileges on affected installations of Epic Games Launcher. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary... • https://trello.com/c/tcS6Jcfy/578-epic-games-launcher-1720 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54131 – Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)
https://notcve.org/view.php?id=CVE-2024-54131
03 Dec 2024 — An implementation bug in the Kolide Agent (known as `launcher`) allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. ... These incorrect default permissions in conjunction with an omitted SystemDrive environmental variable (when launcher starts osqueryd), allows a malicious actor with access to the local Windows device to successfully place an arbitrary DLL into the osqueryd process's search path. • https://github.com/kolide/launcher/pull/1510 • CWE-276: Incorrect Default Permissions CWE-456: Missing Initialization of a Variable •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9431
https://notcve.org/view.php?id=CVE-2018-9431
02 Dec 2024 — In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría provocar una escalad... • https://source.android.com/docs/security/bulletin/pixel/2018-07-01 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-9414
https://notcve.org/view.php?id=CVE-2018-9414
02 Dec 2024 — This could lead to local escalation of privilege with User execution privileges needed. ... Esto podría provocar una escalada local de privilegios con privilegios de ejecución de usuario necesarios. ... This could lead to local escalation of privilege with User execution privileges needed. • https://source.android.com/docs/security/bulletin/pixel/2018-07-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-9376
https://notcve.org/view.php?id=CVE-2018-9376
02 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría provocar una escalada local de privilegios, siendo necesarios los privilegios de ejecución del sistema. ... This could lead to local escalation of privilege with System execution privileges needed. • https://source.android.com/docs/security/bulletin/pixel/2018-07-01 • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46905 – WhatsUp Gold GetOrderByClause SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-46905
02 Dec 2024 — In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account. This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protect... • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46906 – WhatsUp Gold GetSqlWhereClause SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-46906
02 Dec 2024 — In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected f... • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46907 – WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-46907
02 Dec 2024 — In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected f... • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46908 – WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-46908
02 Dec 2024 — In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected f... • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •