CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-34591 – Bender Charge Controller: Local privilege Escalation
https://notcve.org/view.php?id=CVE-2021-34591
27 Apr 2022 — In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. • https://cert.vde.com/en/advisories/VDE-2021-047 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-27340
https://notcve.org/view.php?id=CVE-2022-27340
22 Apr 2022 — This vulnerability allows attackers to escalate privileges and modify data. • https://github.com/UDKI11/vul/blob/main/Mcms%E8%B7%A8%E7%AB%99%E8%AF%B7%E6%B1%82%E4%BC%AA%E9%80%A0.docx • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29527
https://notcve.org/view.php?id=CVE-2022-29527
20 Apr 2022 — Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. • https://bugzilla.suse.com/show_bug.cgi?id=1196556 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-3100 – Log4j hot patch package privilege escalation
https://notcve.org/view.php?id=CVE-2021-3100
19 Apr 2022 — The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges. • https://alas.aws.amazon.com/AL2/ALAS-2021-1732.html • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27421
https://notcve.org/view.php?id=CVE-2022-27421
15 Apr 2022 — Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin. • https://support.chamilo.org/projects/1/wiki/Security_issues • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-24550 – Windows Telephony Server Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-24550
15 Apr 2022 — Windows Telephony Server Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Telephony Server This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24550 •
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-24542 – Windows Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-24542
15 Apr 2022 — Este ID de CVE es diferente de CVE-2022-24474 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24542 •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-24513 – Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-24513
15 Apr 2022 — Visual Studio Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Visual Studio This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Visual Studio. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24513 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-24499 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-24499
15 Apr 2022 — Este ID de CVE es diferente de CVE-2022-24530 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24499 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-24479 – Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-24479
15 Apr 2022 — Connected User Experiences and Telemetry Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Connected User Experiences and Telemetry This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24479 •