CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-47194
https://notcve.org/view.php?id=CVE-2024-47194
This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vish2.exe from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-426509.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2024-43556 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-43556
Windows Graphics Component Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43556 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9576 – Improper access control in Linux Workbooth Distro
https://notcve.org/view.php?id=CVE-2024-9576
Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script. • https://www.incibe.es/en/incibe-cert/notices/aviso/improper-access-control-linux-workbooth-distro • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-44439
https://notcve.org/view.php?id=CVE-2024-44439
., Ltd IMS Intelligent Manufacturing Collaborative Internet of Things System v.1.9.1 allows a remote attacker to escalate privileges via the open port. • https://smiling-lemonade-122.notion.site/f7da442e0f8a40fc846eea495dcdd329 https://www.notion.so/f7da442e0f8a40fc846eea495dcdd329?pvs=4 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-5803 – Local privelage escalation via COM hijacking
https://notcve.org/view.php?id=CVE-2024-5803
The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to escalate privileges via an COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is disabled. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •