CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6975 – Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file
https://notcve.org/view.php?id=CVE-2024-6975
Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file. This issue affects SDP Client before 5.10.34. • https://support.catonetworks.com/hc/en-us/articles/19758025406621-CVE-2024-6975-Windows-SDP-Client-Local-Privilege-Escalation-via-openssl-configuration-file • CWE-426: Untrusted Search Path •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6974 – Cato Networks Windows SDP Client Local Privilege Escalation via self-upgrade
https://notcve.org/view.php?id=CVE-2024-6974
Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34. • https://support.catonetworks.com/hc/en-us/articles/19762641007133-CVE-2024-6974-Windows-SDP-Client-Local-Privilege-Escalation-via-self-upgrade • CWE-276: Incorrect Default Permissions CWE-426: Untrusted Search Path •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-31202
https://notcve.org/view.php?id=CVE-2024-31202
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31202 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-40465
https://notcve.org/view.php?id=CVE-2024-40465
An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the getCacheFileName function in file.go file • https://gist.github.com/nyxfqq/a5a2fc5147a1b34538e1ac05a3e56910 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-328: Use of Weak Hash •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-40464
https://notcve.org/view.php?id=CVE-2024-40464
An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file • https://gist.github.com/nyxfqq/b53b0148b9aa040de63f58a68fd11445 • CWE-599: Missing Validation of OpenSSL Certificate •