CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2024-25086
https://notcve.org/view.php?id=CVE-2024-25086
02 Jul 2024 — Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code. • https://jungo.com/windriver/versions • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2024-25088
https://notcve.org/view.php?id=CVE-2024-25088
02 Jul 2024 — Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code. • https://jungo.com/windriver/versions • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2024-26314
https://notcve.org/view.php?id=CVE-2024-26314
02 Jul 2024 — Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code. • https://jungo.com/windriver/versions •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2023-51776
https://notcve.org/view.php?id=CVE-2023-51776
02 Jul 2024 — Improper privilege management in Jungo WinDriver before 12.1.0 allows local attackers to escalate privileges and execute arbitrary code. • https://jungo.com/windriver/versions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39251
https://notcve.org/view.php?id=CVE-2024-39251
01 Jul 2024 — An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests. • https://github.com/Souhardya/Exploit-PoCs/tree/main/ThundeRobot_Control_center • CWE-782: Exposed IOCTL with Insufficient Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4395 – Lack of Client Validation in Jamf Compliance Editor's Helper Service May Result in Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-4395
27 Jun 2024 — The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on macOS can lead to local privilege escalation. • https://github.com/Jamf-Concepts/jamf-compliance-editor/raw/v1.3.1/Jamf%20Compliance%20Editor%20-%20User%20Guide.pdf • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38370 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2023-38370
27 Jun 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261197 • CWE-276: Incorrect Default Permissions •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38368 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2023-38368
27 Jun 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261195 • CWE-276: Incorrect Default Permissions CWE-863: Incorrect Authorization •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30997 – IBM Security Access Manager Docker privilege escalation
https://notcve.org/view.php?id=CVE-2023-30997
27 Jun 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254638 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30998 – IBM Security Access Manager Docker privilege escalation
https://notcve.org/view.php?id=CVE-2023-30998
27 Jun 2024 — IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254649 • CWE-250: Execution with Unnecessary Privileges •