CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9766 – Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-9766
11 Oct 2024 — Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can leverage this vulnerability to escala... • https://www.zerodayinitiative.com/advisories/ZDI-24-1336 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38818
https://notcve.org/view.php?id=CVE-2024-38818
09 Oct 2024 — VMware NSX contains a local privilege escalation vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25047 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2024-9473 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-9473
09 Oct 2024 — Palo Alto Networks GlobalProtect versions 5.1.x, 5.2.x, 6.0.x, 6.1.x, 6.3.x and versions less than 6.2.5 suffer from a local privilege escalation vulnerability. • https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9167
https://notcve.org/view.php?id=CVE-2024-9167
08 Oct 2024 — Under specific circumstances, insecure permissions in Ivanti Velocity License Server before version 5.2 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/Security-Advisory-Velocity-License-Server-CVE-2024-9167 • CWE-276: Incorrect Default Permissions •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47196
https://notcve.org/view.php?id=CVE-2024-47196
08 Oct 2024 — This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vsimk.exe from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-426509.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47195
https://notcve.org/view.php?id=CVE-2024-47195
08 Oct 2024 — This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch gdb.exe from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-426509.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47194
https://notcve.org/view.php?id=CVE-2024-47194
08 Oct 2024 — This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vish2.exe from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-426509.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2024-43556 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-43556
08 Oct 2024 — Windows Graphics Component Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43556 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9576 – Improper access control in Linux Workbooth Distro
https://notcve.org/view.php?id=CVE-2024-9576
07 Oct 2024 — Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script. • https://www.incibe.es/en/incibe-cert/notices/aviso/improper-access-control-linux-workbooth-distro • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44439
https://notcve.org/view.php?id=CVE-2024-44439
04 Oct 2024 — ., Ltd IMS Intelligent Manufacturing Collaborative Internet of Things System v.1.9.1 allows a remote attacker to escalate privileges via the open port. • https://smiling-lemonade-122.notion.site/f7da442e0f8a40fc846eea495dcdd329 • CWE-269: Improper Privilege Management •