CVE-2024-35288 – Nitro PDF Pro Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-35288
Nitro PDF Pro before 13.70.8.82 and 14.x before 14.26.1.0 allows Local Privilege Escalation in the MSI Installer because custom actions occur unsafely in repair mode. • https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-nitro-pdf-pro https://seclists.org/fulldisclosure/2024/Sep/59 https://www.gonitro.com/support/downloads#securityUpdates •
CVE-2024-6654 – Denial of Service vulnerability in ESET products for macOS
https://notcve.org/view.php?id=CVE-2024-6654
Products for macOS enables a user logged on to the system to perform a denial-of-service attack, which could be misused to disable the protection of the ESET security product and cause general system slow-down. Los productos para macOS permiten que un usuario conectado al sistema realice un ataque de denegación de servicio, que podría usarse indebidamente para deshabilitar la protección del producto de seguridad de ESET y provocar una ralentización general del sistema. • https://support.eset.com/en/ca8725-local-privilege-escalation-vulnerability-in-eset-products-for-macos-fixed https://support.eset.com/en/ca8725-denial-of-service-vulnerability-in-eset-products-for-macos-fixed • CWE-377: Insecure Temporary File •
CVE-2024-7400 – Local privilege escalation in ESET products for Windows
https://notcve.org/view.php?id=CVE-2024-7400
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so. • https://support.eset.com/en/ca8726-local-privilege-escalation-fixed-for-vulnerability-during-detected-file-removal-in-eset-products-for-windows • CWE-1386: Insecure Operation on Windows Junction / Mount Point •
CVE-2024-9244 – Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-9244
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. • https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1298 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2024-9245 – Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-9245
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. • https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1297 • CWE-732: Incorrect Permission Assignment for Critical Resource •