CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8496
https://notcve.org/view.php?id=CVE-2024-8496
11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Workspace-Control-IWC-CVE-2024-8496 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9845
https://notcve.org/view.php?id=CVE-2024-9845
11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Automation-CVE-2024-9845 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10251
https://notcve.org/view.php?id=CVE-2024-10251
11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Security-Controls-iSec-CVE-2024-10251 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 86%CPEs: 26EXPL: 3CVE-2024-49138 – Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2024-49138
10 Dec 2024 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges. • https://github.com/MrAle98/CVE-2024-49138-POC • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9391
https://notcve.org/view.php?id=CVE-2018-9391
05 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9390
https://notcve.org/view.php?id=CVE-2018-9390
05 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9386
https://notcve.org/view.php?id=CVE-2018-9386
05 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-06-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13308
https://notcve.org/view.php?id=CVE-2017-13308
05 Dec 2024 — This could lead to a local escalation of privilege with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-06-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 8CVE-2024-48839 – Remote Code Execution, RCE
https://notcve.org/view.php?id=CVE-2024-48839
05 Dec 2024 — An authenticated remote code execution vulnerability in the firmware update mechanism allows an attacker with valid credentials to escalate privileges and execute commands as root. • https://packetstorm.news/files/id/183448 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9463
https://notcve.org/view.php?id=CVE-2018-9463
04 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-08-01 • CWE-787: Out-of-bounds Write •