NotCVE - Local Privilege Escalation

Page 41 of 8141 results (0.188 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2024-31891 – IBM Storage Scale privilege escalation

https://notcve.org/view.php?id=CVE-2024-31891

14 Dec 2024 — IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability. • https://www.ibm.com/support/pages/node/7178098 • CWE-250: Execution with Unnecessary Privileges •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-12552 – Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2024-12552

12 Dec 2024 — Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the conte... • https://cdn.wacom.com/u/productsupport/drivers/win/professional/releasenotes/Windows_6.4.8-2.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-11598

https://notcve.org/view.php?id=CVE-2024-11598

11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Application-Control-CVE-2024-11598 • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-11597

https://notcve.org/view.php?id=CVE-2024-11597

11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Performance Manager before version 2024.3 HF1, 2024.1 HF1, or 2023.3 HF1 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Performance-Manager-CVE-2024-11597 • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-8496

https://notcve.org/view.php?id=CVE-2024-8496

11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Workspace-Control-IWC-CVE-2024-8496 • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-9845

https://notcve.org/view.php?id=CVE-2024-9845

11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Automation-CVE-2024-9845 • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-10251

https://notcve.org/view.php?id=CVE-2024-10251

11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Security-Controls-iSec-CVE-2024-10251 • CWE-276: Incorrect Default Permissions •

CVSS: 10.0EPSS: 87%CPEs: 26EXPL: 6

CVE-2024-49138 – Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2024-49138

10 Dec 2024 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges. • https://packetstorm.news/files/id/190585 • CWE-122: Heap-based Buffer Overflow •

CVSS: 4.4EPSS: 15%CPEs: -EXPL: 0

CVE-2024-55550 – Mitel MiCollab Path Traversal Vulnerability

https://notcve.org/view.php?id=CVE-2024-55550

10 Dec 2024 — Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to insufficient input sanitization. ... This vulnerability does not allow file modification or privilege escalation. Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization. • https://www.mitel.com/support/security-advisories • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-50627

https://notcve.org/view.php?id=CVE-2024-50627

09 Dec 2024 — A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access. • https://www.digi.com/getattachment/Resources/Security/Alerts/Digi-ConnectPort-LTS-Firmware-Update/ConnectPort-LTS-KB.pdf • CWE-552: Files or Directories Accessible to External Parties •

1...39 40 41 42 43