CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46906 – WhatsUp Gold GetSqlWhereClause SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-46906
02 Dec 2024 — In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected f... • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46907 – WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-46907
02 Dec 2024 — In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected f... • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46908 – WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-46908
02 Dec 2024 — In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account. This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected f... • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.7EPSS: 0%CPEs: 14EXPL: 0CVE-2024-20135
https://notcve.org/view.php?id=CVE-2024-20135
02 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 14EXPL: 0CVE-2024-20134
https://notcve.org/view.php?id=CVE-2024-20134
02 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 12EXPL: 0CVE-2024-20133
https://notcve.org/view.php?id=CVE-2024-20133
02 Dec 2024 — In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-20132
https://notcve.org/view.php?id=CVE-2024-20132
02 Dec 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 33EXPL: 0CVE-2024-20131
https://notcve.org/view.php?id=CVE-2024-20131
02 Dec 2024 — In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 31EXPL: 0CVE-2024-20130
https://notcve.org/view.php?id=CVE-2024-20130
02 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.7EPSS: 0%CPEs: 46EXPL: 0CVE-2024-20125
https://notcve.org/view.php?id=CVE-2024-20125
02 Dec 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-787: Out-of-bounds Write •