CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-39438
https://notcve.org/view.php?id=CVE-2024-39438
This could lead to local escalation of privilege with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897 •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-39437
https://notcve.org/view.php?id=CVE-2024-39437
This could lead to local escalation of privilege with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897 •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-39436
https://notcve.org/view.php?id=CVE-2024-39436
This could lead to local escalation of privilege with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897 •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-9167
https://notcve.org/view.php?id=CVE-2024-9167
Under specific circumstances, insecure permissions in Ivanti Velocity License Server before version 5.2 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/Security-Advisory-Velocity-License-Server-CVE-2024-9167 • CWE-276: Incorrect Default Permissions •
CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-47196
https://notcve.org/view.php?id=CVE-2024-47196
This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vsimk.exe from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-426509.html • CWE-427: Uncontrolled Search Path Element •