CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-39463 – 9p: add missing locking around taking dentry fid list
https://notcve.org/view.php?id=CVE-2024-39463
25 Jun 2024 — This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. ... A local attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A local attacker could use this to cause a denial of service. • https://git.kernel.org/stable/c/154372e67d4053e56591245eb413686621941333 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30931
https://notcve.org/view.php?id=CVE-2024-30931
25 Jun 2024 — Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a remote attacker to escalate privileges via the notifications.html component. • https://happy-little-accidents.pages.dev/posts/CVE-2024-30931 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6240 – Improper privilege management vulnerability in Parallels Desktop
https://notcve.org/view.php?id=CVE-2024-6240
21 Jun 2024 — Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. ... An attacker could exploit this vulnerability to escalate privileges on the system. • https://www.incibe.es/en/incibe-cert/notices/aviso/improper-privilege-management-vulnerability-parallels-desktop • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31890 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2024-31890
21 Jun 2024 — IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. • https://exchange.xforce.ibmcloud.com/vulnerabilities/288171 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.3EPSS: 0%CPEs: 13EXPL: 0CVE-2024-2003 – Local Privilege Escalation in Quarantine of ESET products for Windows
https://notcve.org/view.php?id=CVE-2024-2003
21 Jun 2024 — Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine. This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://support.eset.com/ca8674 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36532
https://notcve.org/view.php?id=CVE-2024-36532
21 Jun 2024 — Insecure permissions in kruise v1.6.2 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/43488e1d41110a5610146b87b2e88a02 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39350 – Synology BC500 Improper Compartmentalization Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-39350
21 Jun 2024 — This vulnerability allows local attackers to escalate privileges on affected installations of Synology BC500 cameras. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://www.synology.com/en-global/security/advisory/Synology_SA_23_15 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36071
https://notcve.org/view.php?id=CVE-2024-36071
20 Jun 2024 — Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5929 – VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5929
20 Jun 2024 — VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges an... • https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5928 – VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5928
20 Jun 2024 — VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbi... • https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •