
CVE-2024-53295
https://notcve.org/view.php?id=CVE-2024-53295
01 Feb 2025 — A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege. • https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities • CWE-1220: Insufficient Granularity of Access Control •

CVE-2025-24828
https://notcve.org/view.php?id=CVE-2025-24828
31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7842 • CWE-426: Untrusted Search Path •

CVE-2025-24827
https://notcve.org/view.php?id=CVE-2025-24827
31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7841 • CWE-426: Untrusted Search Path •

CVE-2025-24829
https://notcve.org/view.php?id=CVE-2025-24829
31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7839 • CWE-426: Untrusted Search Path •

CVE-2025-24830
https://notcve.org/view.php?id=CVE-2025-24830
31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7829 • CWE-426: Untrusted Search Path •

CVE-2025-24831
https://notcve.org/view.php?id=CVE-2025-24831
31 Jan 2025 — Local privilege escalation due to unquoted search path vulnerability. • https://security-advisory.acronis.com/advisories/SEC-6153 • CWE-428: Unquoted Search Path or Element •

CVE-2024-57948 – mac802154: check local interfaces before deleting sdata list
https://notcve.org/view.php?id=CVE-2024-57948
31 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardware device from the system. ... To avoid this issue, add a check for local->interfaces before deleting sdata list. To avoid this issue, add a check for local->interfaces before deleting sdata list. • https://git.kernel.org/stable/c/0d11dc30edfc4acef0acef130bb5ca596317190a •

CVE-2025-0145 – Zoom Workplace Apps for Windows - Untrusted Search Path
https://notcve.org/view.php?id=CVE-2025-0145
30 Jan 2025 — Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local access. • https://www.zoom.com/en/trust/security-bulletin/zsb-25004 • CWE-426: Untrusted Search Path •

CVE-2025-0834 – Wondershare Dr.Fone Privilege Scalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-0834
30 Jan 2025 — Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. • https://www.incibe.es/en/incibe-cert/notices/aviso/wondershare-drfone-privilege-scalation-vulnerability • CWE-269: Improper Privilege Management •

CVE-2025-24794 – The Snowflake Connector for Python uses insecure deserialization of the OCSP response cache
https://notcve.org/view.php?id=CVE-2025-24794
29 Jan 2025 — The OCSP response cache uses pickle as the serialization format, potentially leading to local privilege escalation. • https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af • CWE-502: Deserialization of Untrusted Data •