CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 2CVE-2024-5009 – WhatsUp Gold SetAdminPassword Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5009
This vulnerability allows local attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. • https://github.com/sinsinology/CVE-2024-5009 https://github.com/th3gokul/CVE-2024-5009 https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 https://www.progress.com/network-monitoring • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-39463 – 9p: add missing locking around taking dentry fid list
https://notcve.org/view.php?id=CVE-2024-39463
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. • https://git.kernel.org/stable/c/154372e67d4053e56591245eb413686621941333 https://git.kernel.org/stable/c/3bb6763a8319170c2d41c4232c8e7e4c37dcacfb https://git.kernel.org/stable/c/cb299cdba09f46f090b843d78ba26b667d50a456 https://git.kernel.org/stable/c/f0c5c944c6d8614c19e6e9a97fd2011dcd30e8f5 https://git.kernel.org/stable/c/fe17ebf22feb4ad7094d597526d558a49aac92b4 https://git.kernel.org/stable/c/c898afdc15645efb555acb6d85b484eb40a45409 https://www.zerodayinitiative.com/advisories/ZDI-24-1194 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-30931
https://notcve.org/view.php?id=CVE-2024-30931
Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a remote attacker to escalate privileges via the notifications.html component. • https://happy-little-accidents.pages.dev/posts/CVE-2024-30931 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6240 – Improper privilege management vulnerability in Parallels Desktop
https://notcve.org/view.php?id=CVE-2024-6240
An attacker could exploit this vulnerability to escalate privileges on the system. • https://www.incibe.es/en/incibe-cert/notices/aviso/improper-privilege-management-vulnerability-parallels-desktop • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-31890 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2024-31890
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/288171 https://www.ibm.com/support/pages/node/7158240 • CWE-250: Execution with Unnecessary Privileges •