CVE-2024-35250 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-35250
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador en modo kernel de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35250 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •
CVE-2024-30082 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30082
Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30082 • CWE-416: Use After Free •
CVE-2024-37130
https://notcve.org/view.php?id=CVE-2024-37130
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. • https://www.dell.com/support/kbdoc/en-us/000225914/dsa-2024-264-dell-openmanage-server-administrator-omsa-security-update-for-local-privilege-escalation-via-xsl-hijacking-vulnerability • CWE-427: Uncontrolled Search Path Element •
CVE-2024-36821
https://notcve.org/view.php?id=CVE-2024-36821
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root. • https://github.com/IvanGlinkin/CVE-2024-36821 https://downloads.linksys.com/support/assets/releasenotes/WHW01_VLP01_1.1.13.202617_Customer_Release_Notes.txt • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVE-2024-34332
https://notcve.org/view.php?id=CVE-2024-34332
An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API. • https://belong2yourself.github.io/vulnerabilities/docs/SANDRA/Elevation-of-Privileges/readme • CWE-269: Improper Privilege Management •