CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-21046
https://notcve.org/view.php?id=CVE-2020-21046
24 Jun 2022 — A local privilege escalation vulnerability was identified within the "luminati_net_updater_win_eagleget_com" service in EagleGet Downloader version 2.1.5.20 Stable. • https://medium.com/%40n1pwn/local-privilege-escalation-in-eagleget-1fde79fe47c0 • CWE-269: Improper Privilege Management •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1742 – 2.2.4 IMPROPER PROTECTION OF ALTERNATE PATH CWE-424
https://notcve.org/view.php?id=CVE-2022-1742
24 Jun 2022 — An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01 • CWE-424: Improper Protection of Alternate Path •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1744 – 2.2.6 EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250
https://notcve.org/view.php?id=CVE-2022-1744
24 Jun 2022 — An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34008
https://notcve.org/view.php?id=CVE-2022-34008
21 Jun 2022 — Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder. Comodo Antivirus versión 12.2.2.8012, presenta un fallo de cuarentena que permite una escalada de privilegios. Para escalar privilegios, un atacante con pocos privilegios puede usar una unión de directorios NTFS para restaurar una DLL maliciosa de la cuarentena a la carpeta... • https://r0h1rr1m.medium.com/comodo-antivirus-local-privilege-escalation-through-insecure-file-move-476a4601d9b8 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 12%CPEs: 50EXPL: 0CVE-2022-2068 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-2068
21 Jun 2022 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33915
https://notcve.org/view.php?id=CVE-2022-33915
17 Jun 2022 — Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. • https://alas.aws.amazon.com/AL2/ALAS-2022-1806.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 71EXPL: 0CVE-2022-33912
https://notcve.org/view.php?id=CVE-2022-33912
17 Jun 2022 — This leads to a local privilege escalation on the monitored host. • https://checkmk.com/werk/14098 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-31464
https://notcve.org/view.php?id=CVE-2022-31464
16 Jun 2022 — Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path. • https://r0h1rr1m.medium.com/adaware-protect-local-privilege-escalation-through-insecure-service-permissions-44d0eeb6c933 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-30670 – Escalate Privileges to Server Admin - Robohelp Server
https://notcve.org/view.php?id=CVE-2022-30670
16 Jun 2022 — RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction. RoboHelp Server versiones anteriores a la actualización 3 de RHS 11, están afectadas por una vulnerabilidad de Autorización Inapropiada que podría conllevar a una elevación de privilegios. Un atac... • https://helpx.adobe.com/security/products/robohelp-server/apsb22-31.html • CWE-285: Improper Authorization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33158 – Trend Micro Proxy One Pro Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-33158
16 Jun 2022 — Trend Micro VPN Proxy versiones 5.2.1026 y anteriores, contiene una vulnerabilidad relacionada con algunas carpetas demasiado permisivas en un directorio clave que podría permitir a un atacante local obtener una escalada de privilegios en un sistema afectado This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Proxy One Pro. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SY... • https://helpcenter.trendmicro.com/en-us/article/tmka-11042 • CWE-552: Files or Directories Accessible to External Parties •