CVE-2024-42580
https://notcve.org/view.php?id=CVE-2024-42580
A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/8a05309486637d8c6ce8c6624ec1e897 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2024-4763
https://notcve.org/view.php?id=CVE-2024-4763
An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges to kernel. • https://support.lenovo.com/us/en/product_security/LEN-155486 • CWE-276: Incorrect Default Permissions •
CVE-2024-2175
https://notcve.org/view.php?id=CVE-2024-2175
An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges. • https://support.lenovo.com/us/en/product_security/LEN-155486 • CWE-276: Incorrect Default Permissions •
CVE-2024-5915 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-5915
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2024-5915 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2024-38163 – Windows Update Stack Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38163
Windows Update Stack Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38163 • CWE-284: Improper Access Control •