CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20142
https://notcve.org/view.php?id=CVE-2024-20142
03 Feb 2025 — This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20141
https://notcve.org/view.php?id=CVE-2024-20141
03 Feb 2025 — This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-123: Write-what-where Condition •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20636
https://notcve.org/view.php?id=CVE-2025-20636
03 Feb 2025 — This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2025-20635
https://notcve.org/view.php?id=CVE-2025-20635
03 Feb 2025 — This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20631
https://notcve.org/view.php?id=CVE-2025-20631
03 Feb 2025 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20632
https://notcve.org/view.php?id=CVE-2025-20632
03 Feb 2025 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 1CVE-2024-56898
https://notcve.org/view.php?id=CVE-2024-56898
03 Feb 2025 — This vulnerability allows low privilege users perform actions that they aren't authorized to, which can be leveraged to escalate privileges, create, modify or delete accounts. • https://github.com/DRAGOWN/CVE-2024-56898 •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-57498
https://notcve.org/view.php?id=CVE-2024-57498
03 Feb 2025 — Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function. • https://gist.github.com/Catherines77/ac0b554f3d755879eb12bfd69ef585b1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53295
https://notcve.org/view.php?id=CVE-2024-53295
01 Feb 2025 — A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege. • https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities • CWE-1220: Insufficient Granularity of Access Control •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24828
https://notcve.org/view.php?id=CVE-2025-24828
31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7842 • CWE-426: Untrusted Search Path •