CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-36532
https://notcve.org/view.php?id=CVE-2024-36532
Insecure permissions in kruise v1.6.2 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/43488e1d41110a5610146b87b2e88a02 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5929 – VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5929
VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 https://www.zerodayinitiative.com/advisories/ZDI-24-818 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5930 – VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5930
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 https://www.zerodayinitiative.com/advisories/ZDI-24-819 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-36071
https://notcve.org/view.php?id=CVE-2024-36071
Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5928 – VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5928
VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 https://www.zerodayinitiative.com/advisories/ZDI-24-817 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •