CVSS: 4.2EPSS: 0%CPEs: -EXPL: 0CVE-2025-20745
https://notcve.org/view.php?id=CVE-2025-20745
04 Nov 2025 — This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. • https://corp.mediatek.com/product-security-bulletin/November-2025 • CWE-416: Use After Free •
CVSS: 4.2EPSS: 0%CPEs: -EXPL: 0CVE-2025-20744
https://notcve.org/view.php?id=CVE-2025-20744
04 Nov 2025 — In pda, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. • https://corp.mediatek.com/product-security-bulletin/November-2025 • CWE-416: Use After Free •
CVSS: 4.2EPSS: 0%CPEs: -EXPL: 0CVE-2025-20743
https://notcve.org/view.php?id=CVE-2025-20743
04 Nov 2025 — In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. • https://corp.mediatek.com/product-security-bulletin/November-2025 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-20737
https://notcve.org/view.php?id=CVE-2025-20737
04 Nov 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2025 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-20735
https://notcve.org/view.php?id=CVE-2025-20735
04 Nov 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2025 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-20733
https://notcve.org/view.php?id=CVE-2025-20733
04 Nov 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2025 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2025-20730
https://notcve.org/view.php?id=CVE-2025-20730
04 Nov 2025 — In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. • https://corp.mediatek.com/product-security-bulletin/November-2025 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20728
https://notcve.org/view.php?id=CVE-2025-20728
04 Nov 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2025 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-12683 – NULL DACL assigned to Named Pipe communicating with SYSTEM Service
https://notcve.org/view.php?id=CVE-2025-12683
04 Nov 2025 — The named pipe has a NULL DACL and thus provides all users full permission over it; leading to potential Service Denial Of Service or Privilege escalation(only if chained with other elements) for a local low privilege user. • https://www.voidtools.com • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2011-10035 – Nagios XI < 2011R1.9 Race Conditions in Crontab Install Scripts LPE
https://notcve.org/view.php?id=CVE-2011-10035
30 Oct 2025 — Nagios XI versions prior to 2011R1.9 contain privilege escalation vulnerabilities in the scripts that install or update system crontab entries. Nagios XI versions prior to 2011R1.9 contain privilege escalation vulnerabilities in the scripts that install or update system crontab entries. Due to time-of-check/time-of-use race conditions and missing synchronization or final-path validation, a local low-privileged user could manipulate filesystem state during crontab installat... • https://www.vulncheck.com/advisories/nagios-xi-race-conditions-in-crontab-install-script-lpe • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •