CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5930 – VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5930
20 Jun 2024 — VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and exe... • https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6141 – Windscribe Directory Traversal Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6141
20 Jun 2024 — Windscribe Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM... • https://github.com/Windscribe/Desktop-App/blob/90a5cc3c1f50f6545f83969c2ace6b4ac2c91c4e/client/common/changelog.txt#L23 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 5CVE-2024-37081 – VMware vCenter Sudo Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-37081
18 Jun 2024 — The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance. An authenticated local user with non-administrative privileges may exploit these is... • https://packetstorm.news/files/id/182981 • CWE-556: ASP.NET Misconfiguration: Use of Identity Impersonation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-6147 – Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6147
18 Jun 2024 — Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the... • https://www.zerodayinitiative.com/advisories/ZDI-24-802 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6154 – Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6154
18 Jun 2024 — Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary... • https://www.zerodayinitiative.com/advisories/ZDI-24-804 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6153 – Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability
https://notcve.org/view.php?id=CVE-2024-6153
18 Jun 2024 — This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of root. An attacker can leverage this in conjunction with other vulnerabilities to escal... • https://www.zerodayinitiative.com/advisories/ZDI-24-803 • CWE-693: Protection Mechanism Failure •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37058
https://notcve.org/view.php?id=CVE-2023-37058
17 Jun 2024 — Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted command. • http://jlink.com •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27275 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2024-27275
15 Jun 2024 — IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support. ... IBM i 7.2, 7.3, 7.4 y 7.5 contiene una vulnerabilidad de escalada de privilegios <... • https://exchange.xforce.ibmcloud.com/vulnerabilities/285203 • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37369 – Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions
https://notcve.org/view.php?id=CVE-2024-37369
14 Jun 2024 — A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34012
https://notcve.org/view.php?id=CVE-2024-34012
14 Jun 2024 — Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-5758 • CWE-276: Incorrect Default Permissions •