CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7251 – Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7251
29 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-956 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7250 – Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7250
29 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-955 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7249 – Comodo Firewall Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7249
29 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-954 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7248 – Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7248
29 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-953 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-40396
https://notcve.org/view.php?id=CVE-2023-40396
29 Jul 2024 — An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213936 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42959
https://notcve.org/view.php?id=CVE-2023-42959
29 Jul 2024 — An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213940 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42097 – ALSA: emux: improve patch ioctl data validation
https://notcve.org/view.php?id=CVE-2024-42097
29 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/40d7def67841343c10f8642a41031fecbb248bab •
CVSS: 5.2EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42096 – x86: stop playing stack games in profile_pc()
https://notcve.org/view.php?id=CVE-2024-42096
29 Jul 2024 — And the code really does depend on stack layout that is only true in the simplest of cases. ... With no real practical reason for this any more, just remove the code. ... And the code really does depend on stack layout that is only true in the simplest of cases. ... With no real practical reason for this any more, just remove the code. ... A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/65ebdde16e7f5da99dbf8a548fb635837d78384e • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42092 – gpio: davinci: Validate the obtained number of IRQs
https://notcve.org/view.php?id=CVE-2024-42092
29 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/eb3744a2dd01cb07ce9f556d56d6fe451f0c313a •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6726 – Remote Code Execution (RCE) in Delphix
https://notcve.org/view.php?id=CVE-2024-6726
29 Jul 2024 — Versions of Delphix Engine prior to Release 25.0.0.0 contain a flaw which results in Remote Code Execution (RCE). • https://portal.perforce.com/s/detail/a91PA000001SUDtYAO • CWE-94: Improper Control of Generation of Code ('Code Injection') •