CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-45710 – SolarWinds Platform Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-45710
SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. • https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45710 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21259 – Oracle VirtualBox TPM Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21259
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21248 – Oracle VirtualBox Shared Folders Incorrect Authorization Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21248
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the current user on the host system. • https://www.oracle.com/security-alerts/cpuoct2024.html •
CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-6519 – QEMU SCSI Use-After-Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6519
This vulnerability allows local attackers to escalate privileges on affected installations of QEMU. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. •
CVSS: 6.6EPSS: 0%CPEs: -EXPL: 0CVE-2023-31493
https://notcve.org/view.php?id=CVE-2023-31493
RCE (Remote Code Execution) exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the remote system. • http://zoneminder.com https://medium.com/%40dk50u1/rce-remote-code-execution-in-zoneminder-up-to-1-36-33-0686f5bcd370 • CWE-94: Improper Control of Generation of Code ('Code Injection') •