CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36305 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-36305
06 Jun 2024 — A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000298063 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36358 – Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-36358
06 Jun 2024 — A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000298151 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36359 – Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-36359
06 Jun 2024 — A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. ... This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro InterScan Web Security Virtual Appliance. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://success.trendmicro.com/dcx/s/solution/000298065 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-37289 – Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-37289
06 Jun 2024 — An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. ... This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000298063 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38042
https://notcve.org/view.php?id=CVE-2023-38042
31 May 2024 — A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-May-2024?language=en_US • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46810
https://notcve.org/view.php?id=CVE-2023-46810
31 May 2024 — A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as root. • https://forums.ivanti.com/s/article/Security-Advisory-May-2024 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1867 – G DATA Total Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-1867
31 May 2024 — G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can leverage this vulnerability to ... • https://www.zerodayinitiative.com/advisories/ZDI-24-559 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1868 – G DATA Total Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-1868
31 May 2024 — G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can leverage this vulnerability to ... • https://www.zerodayinitiative.com/advisories/ZDI-24-558 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-30369 – A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-30369
29 May 2024 — A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of A10 Thunder ADC. This vulnerability allows local attackers to escalate privileges on affected installations of A10 Thunder ADC. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. An attacker can leverage this vulnerability to ... • https://support.a10networks.com/support/security_advisory/cve-2024-30368-cve-2024-30369 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-31510
https://notcve.org/view.php?id=CVE-2024-31510
24 May 2024 — An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c component. • https://gist.github.com/liang-junkai/a9fc693f8bdf176e9d9f56773bf20703 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI) •