CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42025
https://notcve.org/view.php?id=CVE-2024-42025
13 Sep 2024 — A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device. • https://community.ui.com/releases/Security-Advisory-Bulletin-042-042/c4f68b56-cdc4-4128-b2cb-5870209d1704 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-8533 – Rockwell Automation OptixPanel™ Privilege Escalation Vulnerability via File Permissions
https://notcve.org/view.php?id=CVE-2024-8533
12 Sep 2024 — A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1964.html • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6510 – Local privilege escalation vulnerability in AVG Internet Security
https://notcve.org/view.php?id=CVE-2024-6510
12 Sep 2024 — Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking. • https://www.cirosec.de/sa/sa-2023-008 • CWE-427: Uncontrolled Search Path Element CWE-732: Incorrect Permission Assignment for Critical Resource CWE-749: Exposed Dangerous Method or Function •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7890 – Local privilege escalation allows a low-privileged user to gain SYSTEM privileges
https://notcve.org/view.php?id=CVE-2024-7890
11 Sep 2024 — Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows • https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US • CWE-269: Improper Privilege Management •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7889 – Local privilege escalation allows a low-privileged user to gain SYSTEM privileges
https://notcve.org/view.php?id=CVE-2024-7889
11 Sep 2024 — Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows • https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US • CWE-664: Improper Control of a Resource Through its Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 76EXPL: 0CVE-2024-20398 – Cisco IOS XR Software Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-20398
11 Sep 2024 — A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-CrG5vhCq • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2024-40662
https://notcve.org/view.php?id=CVE-2024-40662
11 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://github.com/Aakashmom/net_G2.5_CVE-2024-40662 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2024-40658
https://notcve.org/view.php?id=CVE-2024-40658
11 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://github.com/nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-40658 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40657
https://notcve.org/view.php?id=CVE-2024-40657
11 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/apps/Settings/+/8261e0ade3b414fea61d7fe9d8bc6df7a3fc8603 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40655
https://notcve.org/view.php?id=CVE-2024-40655
11 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/services/Telecomm/+/eeef54b37a362f506ea3aa155baddc545b6a909a •