CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47194
https://notcve.org/view.php?id=CVE-2024-47194
08 Oct 2024 — This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vish2.exe from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-426509.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2024-43556 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-43556
08 Oct 2024 — Windows Graphics Component Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43556 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 40EXPL: 0CVE-2024-27458 – HP Hotkey Support – Escalation of Privilege
https://notcve.org/view.php?id=CVE-2024-27458
07 Oct 2024 — A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local escalation of privilege. • https://support.hp.com/us-en/document/ish_11342101-11342130-16/hpsbhf03977 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9576 – Improper access control in Linux Workbooth Distro
https://notcve.org/view.php?id=CVE-2024-9576
07 Oct 2024 — Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating the network configuration script. • https://www.incibe.es/en/incibe-cert/notices/aviso/improper-access-control-linux-workbooth-distro • CWE-284: Improper Access Control •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-20099
https://notcve.org/view.php?id=CVE-2024-20099
07 Oct 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 19EXPL: 0CVE-2024-20098
https://notcve.org/view.php?id=CVE-2024-20098
07 Oct 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20092
https://notcve.org/view.php?id=CVE-2024-20092
07 Oct 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20090
https://notcve.org/view.php?id=CVE-2024-20090
07 Oct 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/October-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44439
https://notcve.org/view.php?id=CVE-2024-44439
04 Oct 2024 — ., Ltd IMS Intelligent Manufacturing Collaborative Internet of Things System v.1.9.1 allows a remote attacker to escalate privileges via the open port. • https://smiling-lemonade-122.notion.site/f7da442e0f8a40fc846eea495dcdd329 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5803 – Local privelage escalation via COM hijacking
https://notcve.org/view.php?id=CVE-2024-5803
03 Oct 2024 — The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to escalate privileges via an COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is disabled. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •