CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-34734
https://notcve.org/view.php?id=CVE-2024-34734
15 Aug 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/207584fb6f820eba14251251d7e9331bfd57adb8 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-34731
https://notcve.org/view.php?id=CVE-2024-34731
15 Aug 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/av/+/4b68b00993849b6a7f0e6d075bc2c8bb2e184e61 • CWE-368: Context Switching Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31333
https://notcve.org/view.php?id=CVE-2024-31333
15 Aug 2024 — This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. • https://source.android.com/security/bulletin/2024-08-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-5915 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-5915
14 Aug 2024 — A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2024-5915 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20083
https://notcve.org/view.php?id=CVE-2024-20083
14 Aug 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/August-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38163 – Windows Update Stack Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38163
13 Aug 2024 — Windows Update Stack Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38163 • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48171
https://notcve.org/view.php?id=CVE-2023-48171
12 Aug 2024 — An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component. • https://gccybermonks.com/posts/defectdojo • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27442
https://notcve.org/view.php?id=CVE-2024-27442
12 Aug 2024 — However, an attacker can escalate privileges from the zimbra user to root, because of improper handling of input arguments. An attacker can execute arbitrary commands with elevated privileges, leading to local privilege escalation. • https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-7553 – Accessing Untrusted Directory May Allow Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-7553
07 Aug 2024 — Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. • https://jira.mongodb.org/browse/CDRIVER-5650 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-5290 – Ubuntu Security Notice USN-6945-1
https://notcve.org/view.php?id=CVE-2024-5290
07 Aug 2024 — An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpa_supplicant runs as (usually root). Membership in the netdev group or access to the dbus interface of wpa_supplicant allow an unprivileged user to specify an arbitrary path to a module to be loaded by the wpa_supplicant process; other escalation paths might exist. ... An attacker could u... • https://snyk.io/blog/abusing-ubuntu-root-privilege-escalation • CWE-427: Uncontrolled Search Path Element •