CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-44439
https://notcve.org/view.php?id=CVE-2024-44439
., Ltd IMS Intelligent Manufacturing Collaborative Internet of Things System v.1.9.1 allows a remote attacker to escalate privileges via the open port. • https://smiling-lemonade-122.notion.site/f7da442e0f8a40fc846eea495dcdd329 https://www.notion.so/f7da442e0f8a40fc846eea495dcdd329?pvs=4 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-5803 – Local privelage escalation via COM hijacking
https://notcve.org/view.php?id=CVE-2024-5803
The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to escalate privileges via an COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is disabled. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-20492 – Cisco Expressway Series Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-20492
A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expw-escalation-3bkz77bD •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 1CVE-2024-44193 – iTunes For Windows 12.13.2.3 Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-44193
A local attacker may be able to elevate their privileges. • https://github.com/mbog14/CVE-2024-44193 https://support.apple.com/en-us/121328 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8885
https://notcve.org/view.php?id=CVE-2024-8885
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20241002-cde-lpe • CWE-502: Deserialization of Untrusted Data CWE-1104: Use of Unmaintained Third Party Components •