CVE-2024-6154 – Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6154
An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. ... An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. • https://www.zerodayinitiative.com/advisories/ZDI-24-804 • CWE-122: Heap-based Buffer Overflow •
CVE-2024-6147 – Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6147
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Spokes Update Service. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Spokes Update Service. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-802 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2024-23153 – Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23153
A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-125: Out-of-bounds Read •
CVE-2024-23156 – Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23156
This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2024-23157 – Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23157
This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •