CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7980
https://notcve.org/view.php?id=CVE-2024-7980
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/356328460 • CWE-20: Improper Input Validation •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7979
https://notcve.org/view.php?id=CVE-2024-7979
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/356064205 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7977
https://notcve.org/view.php?id=CVE-2024-7977
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a malicious file. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/324770940 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-33656 – Memory Leak in SmmComuptrace Module
https://notcve.org/view.php?id=CVE-2024-33656
The DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack or global memory. This could lead to privilege escalation, arbitrary code execution, and bypassing OS security mechanisms • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024003.pdf • CWE-269: Improper Privilege Management •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22576
https://notcve.org/view.php?id=CVE-2023-22576
Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges using the existing vulnerability in operating system. • https://www.dell.com/support/kbdoc/en-us/000207513/dsa-2023-017-dell-emc-repository-manager-drm-security-update-for-an-improper-privilege-management-vulnerability • CWE-269: Improper Privilege Management •