CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40657
https://notcve.org/view.php?id=CVE-2024-40657
11 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/apps/Settings/+/8261e0ade3b414fea61d7fe9d8bc6df7a3fc8603 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40655
https://notcve.org/view.php?id=CVE-2024-40655
11 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/services/Telecomm/+/eeef54b37a362f506ea3aa155baddc545b6a909a •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40654
https://notcve.org/view.php?id=CVE-2024-40654
11 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/apps/Settings/+/f1d0079c91734168c150f839168544f407b17b06 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40652
https://notcve.org/view.php?id=CVE-2024-40652
11 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/apps/Settings/+/2909433f7d59dcdd0c74044b1c8e9f48927193dc • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40650
https://notcve.org/view.php?id=CVE-2024-40650
11 Sep 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/apps/Settings/+/2968ccc911956fa5813a9a6a5e5c8970e383a60f • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31336
https://notcve.org/view.php?id=CVE-2024-31336
11 Sep 2024 — This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. • https://source.android.com/security/bulletin/2024-09-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23716
https://notcve.org/view.php?id=CVE-2024-23716
11 Sep 2024 — This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. • https://source.android.com/security/bulletin/2024-09-01 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8012 – Ivanti Workspace Control RES Exposed Dangerous Method Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-8012
10 Sep 2024 — An authentication bypass weakness in the message broker service of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. This vulnerability allows local attackers to escalate privileges on affected installations of Ivanti Workspace Control. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 8.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-38249 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38249
10 Sep 2024 — Windows Graphics Component Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38249 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44893
https://notcve.org/view.php?id=CVE-2024-44893
10 Sep 2024 — An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to escalate privileges via a crafted GET request. • https://github.com/jeecgboot/JimuReport/issues/2904 • CWE-269: Improper Privilege Management •