CVE-2024-7233 – Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7233
This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVE-2024-7243 – Panda Security Dome Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7243
This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVE-2024-41637
https://notcve.org/view.php?id=CVE-2024-41637
RaspAP before 3.1.5 allows an attacker to escalate privileges: the www-data user has write access to the restapi.service file and also possesses Sudo privileges to execute several critical commands without a password. • https://blog.0xzon.dev/2024-07-27-CVE-2024-41637 https://github.com/RaspAP/raspap-webgui • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-42052
https://notcve.org/view.php?id=CVE-2024-42052
A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder. • https://github.com/SpacePlant/Vulns/blob/main/Advisories/2024/1.md https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/15813655496603-Splashtop-Streamer-version-v3-5-8-0-for-Windows-released •
CVE-2024-42053
https://notcve.org/view.php?id=CVE-2024-42053
A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder. • https://github.com/SpacePlant/Vulns/blob/main/Advisories/2024/2.md https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/18223802896539-Splashtop-Streamer-version-v3-6-0-0-for-Windows-released • CWE-276: Incorrect Default Permissions •