CVE-2024-6147 – Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6147
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-802 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2024-6153 – Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability
https://notcve.org/view.php?id=CVE-2024-6153
An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of root. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-803 • CWE-693: Protection Mechanism Failure •
CVE-2023-37058
https://notcve.org/view.php?id=CVE-2023-37058
Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted command. • http://jlink.com https://github.com/ri5c/Jlink-Router-RCE •
CVE-2024-27275 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2024-27275
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285203 https://www.ibm.com/support/pages/node/7157637 • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •
CVE-2024-37369 – Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions
https://notcve.org/view.php?id=CVE-2024-37369
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system. Existe una vulnerabilidad de escalada de privilegios en el producto afectado. La vulnerabilidad permite a los usuarios con pocos privilegios editar scripts, eludir las listas de control de acceso y potencialmente obtener más acceso dentro del sistema. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html • CWE-732: Incorrect Permission Assignment for Critical Resource •