CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42581
https://notcve.org/view.php?id=CVE-2024-42581
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/2bd26343ccdff7c759f62d332c8caff6 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42582
https://notcve.org/view.php?id=CVE-2024-42582
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component delete_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/c0d78b257ce1e661be30de1ce9551d27 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42583
https://notcve.org/view.php?id=CVE-2024-42583
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/dac0206b8de14763bdbe2b6bb7020cdc • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42584
https://notcve.org/view.php?id=CVE-2024-42584
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/6037eaac5749430c29cf15fdd9df0ba5 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42585
https://notcve.org/view.php?id=CVE-2024-42585
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component delete_media.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/33de7a4bd7a4517a26fa4e4911b7fb1d • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42586
https://notcve.org/view.php?id=CVE-2024-42586
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/533b962efb1779e397a241bf7a19643c • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-4763
https://notcve.org/view.php?id=CVE-2024-4763
16 Aug 2024 — An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges to kernel. An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges to kernel. • https://support.lenovo.com/us/en/product_security/LEN-155486 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-2175
https://notcve.org/view.php?id=CVE-2024-2175
16 Aug 2024 — An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges. An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges. • https://support.lenovo.com/us/en/product_security/LEN-155486 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-5915 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-5915
14 Aug 2024 — A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2024-5915 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38163 – Windows Update Stack Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38163
13 Aug 2024 — Windows Update Stack Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38163 • CWE-284: Improper Access Control •