CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-40433
https://notcve.org/view.php?id=CVE-2024-40433
Insecure Permissions vulnerability in Tencent wechat v.8.0.37 allows an attacker to escalate privileges via the web-view component. • https://github.com/yikaikkk/CookieShareInWebView/blob/master/README.md • CWE-266: Incorrect Privilege Assignment •
CVSS: 5.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-27357
https://notcve.org/view.php?id=CVE-2024-27357
Local Privilege Escalation can occur during installations or updates by admins. • https://www.withsecure.com/en/support/security-advisories/cve-2024-27357 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36542
https://notcve.org/view.php?id=CVE-2024-36542
Insecure permissions in kuma v2.7.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/e1685843b6f42b47dbf97e2e92e63428 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36535
https://notcve.org/view.php?id=CVE-2024-36535
Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/2950c3993cdeff23afcbd73ba7a33879 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36541
https://notcve.org/view.php?id=CVE-2024-36541
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/f972d1c152f3b8127af01206f7c2af0d • CWE-276: Incorrect Default Permissions •