CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42025
https://notcve.org/view.php?id=CVE-2024-42025
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device. • https://community.ui.com/releases/Security-Advisory-Bulletin-042-042/c4f68b56-cdc4-4128-b2cb-5870209d1704 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7960 – Rockwell Automation Incorrect Privileges and Path Traversal Vulnerability in Pavilion8®
https://notcve.org/view.php?id=CVE-2024-7960
The vulnerability exists due to having an incorrect privilege matrix that allows users to have access to functions they should not. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html • CWE-269: Improper Privilege Management •
CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-8533 – Rockwell Automation OptixPanelâ„¢ Privilege Escalation Vulnerability via File Permissions
https://notcve.org/view.php?id=CVE-2024-8533
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1964.html • CWE-269: Improper Privilege Management •
CVSS: 7.3EPSS: 0%CPEs: 21EXPL: 0CVE-2024-20430 – Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-20430
A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6510 – Local privilege escalation vulnerability in AVG Internet Security
https://notcve.org/view.php?id=CVE-2024-6510
Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking. • https://www.cirosec.de/sa/sa-2023-008 • CWE-427: Uncontrolled Search Path Element CWE-732: Incorrect Permission Assignment for Critical Resource CWE-749: Exposed Dangerous Method or Function •