CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2024-8957 – PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-8957
17 Sep 2024 — PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntp_addr parameter of the /cgi-bin/param.cgi CGI script. • https://ptzoptics.com/firmware-changelog • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38813 – VMware vCenter Server Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-38813
17 Sep 2024 — The vCenter Server contains a privilege escalation vulnerability. The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially craf... • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 • CWE-250: Execution with Unnecessary Privileges CWE-273: Improper Check for Dropped Privileges •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8766
https://notcve.org/view.php?id=CVE-2024-8766
16 Sep 2024 — Local privilege escalation due to DLL hijacking vulnerability. ... Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7218 • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34016
https://notcve.org/view.php?id=CVE-2024-34016
16 Sep 2024 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7188 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44095
https://notcve.org/view.php?id=CVE-2024-44095
13 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-09-01 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44094
https://notcve.org/view.php?id=CVE-2024-44094
13 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-09-01 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44093
https://notcve.org/view.php?id=CVE-2024-44093
13 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-09-01 • CWE-783: Operator Precedence Logic Error •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44092
https://notcve.org/view.php?id=CVE-2024-44092
13 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. ... This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-09-01 • CWE-489: Active Debug Code •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29779
https://notcve.org/view.php?id=CVE-2024-29779
13 Sep 2024 — there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-09-01 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7756
https://notcve.org/view.php?id=CVE-2024-7756
13 Sep 2024 — A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell. • https://support.lenovo.com/us/en/product_security/LEN-165524 • CWE-489: Active Debug Code •