CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-40789 – Apple WebKit WebCodecs VideoFrame Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-40789
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple WebKit. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://support.apple.com/en-us/HT214121 https://support.apple.com/en-us/HT214117 https://support.apple.com/en-us/HT214116 https://support.apple.com/en-us/HT214124 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214123 https://support.apple.com/en-us/HT214122 https://support.apple.com/kb/HT214121 http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/15 http://seclists.org/fulldisclosure/2024/Jul/ • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-27878
https://notcve.org/view.php?id=CVE-2024-27878
An app with root privileges may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT214119 http://seclists.org/fulldisclosure/2024/Jul/18 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7252 – Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7252
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-957 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7251 – Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7251
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-956 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7250 – Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7250
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-955 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •