CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-9244 – Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-9244
This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-9245 – Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-9245
This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8996 – Grafana Agent Flow on Windows Unquoted service path
https://notcve.org/view.php?id=CVE-2024-8996
Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2 • https://github.com/grafana/agent/releases/tag/v0.43.2 https://grafana.com/blog/2024/09/25/grafana-alloy-and-grafana-agent-flow-security-release-high-severity-fix-for-cve-2024-8975-and-cve-2024-8996 https://grafana.com/security/security-advisories/cve-2024-8996 https://github.com/grafana/agent/releases/tag/v0.43.3 • CWE-428: Unquoted Search Path or Element •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8975 – Grafana Alloy on Windows Unquoted service path
https://notcve.org/view.php?id=CVE-2024-8975
Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-rc.1. • https://github.com/grafana/alloy/releases/tag/v1.4.0 https://grafana.com/blog/2024/09/25/grafana-alloy-and-grafana-agent-flow-security-release-high-severity-fix-for-cve-2024-8975-and-cve-2024-8996 https://grafana.com/security/security-advisories/cve-2024-8975 https://github.com/grafana/alloy/releases/tag/v1.4.1 https://github.com/grafana/alloy/releases/tag/v1.3.4 • CWE-428: Unquoted Search Path or Element •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2024-7479 – Improper signature verification of VPN driver installation in TeamViewer Remote Clients
https://notcve.org/view.php?id=CVE-2024-7479
Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. This vulnerability allows local attackers to escalate privileges on affected installations of TeamViewer. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481 https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006 • CWE-347: Improper Verification of Cryptographic Signature •