CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-31337 – PowerVR Driver Missing Sanitization
https://notcve.org/view.php?id=CVE-2024-31337
02 Jul 2024 — This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. • https://packetstorm.news/files/id/179297 •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2024-25086
https://notcve.org/view.php?id=CVE-2024-25086
02 Jul 2024 — Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code. • https://jungo.com/windriver/versions • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2024-25088
https://notcve.org/view.php?id=CVE-2024-25088
02 Jul 2024 — Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code. • https://jungo.com/windriver/versions • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2024-26314
https://notcve.org/view.php?id=CVE-2024-26314
02 Jul 2024 — Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code. • https://jungo.com/windriver/versions •
CVSS: 6.7EPSS: 0%CPEs: 36EXPL: 0CVE-2024-20081
https://notcve.org/view.php?id=CVE-2024-20081
01 Jul 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 30EXPL: 0CVE-2024-20079
https://notcve.org/view.php?id=CVE-2024-20079
01 Jul 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-20078
https://notcve.org/view.php?id=CVE-2024-20078
01 Jul 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/July-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39251
https://notcve.org/view.php?id=CVE-2024-39251
01 Jul 2024 — An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests. • https://github.com/Souhardya/Exploit-PoCs/tree/main/ThundeRobot_Control_center • CWE-782: Exposed IOCTL with Insufficient Access Control •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-35139 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2024-35139
28 Jun 2024 — IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. ... IBM Security Access Manager Docker 10.0.0.0 a 10.0.7.1 podría permitir que un usuario local obtenga información confidencial del contenedor debido a permisos predeterminados incorrectos. ... IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local pr... • https://packetstorm.news/files/id/182466 • CWE-276: Incorrect Default Permissions •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-35137 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2024-35137
28 Jun 2024 — IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. ... IBM Security Access Manager Docker 10.0.0.0 a 10.0.7.1 podría permitir que un usuario local posiblemente eleve sus privilegios debido a la exposición de información de configuración confidencial. ... IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, ... • https://packetstorm.news/files/id/182466 • CWE-258: Empty Password in Configuration File •