CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-20023
https://notcve.org/view.php?id=CVE-2024-20023
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-20022
https://notcve.org/view.php?id=CVE-2024-20022
In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 •
CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-20005
https://notcve.org/view.php?id=CVE-2024-20005
This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-276: Incorrect Default Permissions •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20018
https://notcve.org/view.php?id=CVE-2024-20018
This could lead to local escalation of privilege with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2024 •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-27718
https://notcve.org/view.php?id=CVE-2024-27718
SQL Injection vulnerability in Baizhuo Network Smart s200 Management Platform v.S200 allows a local attacker to obtain sensitive information and escalate privileges via the /importexport.php component. Vulnerabilidad de inyección SQL en Baizhuo Network Smart s200 Management Platform v.S200 permite a un atacante local obtener información confidencial y escalar privilegios a través del componente /importexport.php. • https://github.com/tldjgggg/cve/blob/main/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •