CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-7987 – Rockwell Automation ThinManager® ThinServerâ„¢ Information Disclosure and Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2024-7987
This vulnerability allows local attackers to escalate privileges on affected installations of Rockwell Automation ThinManager. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30377 – G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-30377
G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-1159 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7980
https://notcve.org/view.php?id=CVE-2024-7980
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/356328460 • CWE-20: Improper Input Validation •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7979
https://notcve.org/view.php?id=CVE-2024-7979
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/356064205 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7977
https://notcve.org/view.php?id=CVE-2024-7977
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a malicious file. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/324770940 • CWE-20: Improper Input Validation •