CVE-2024-31953
https://notcve.org/view.php?id=CVE-2024-31953
Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. • https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31953 • CWE-269: Improper Privilege Management •
CVE-2024-31952
https://notcve.org/view.php?id=CVE-2024-31952
Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. • https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31952 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2024-31771
https://notcve.org/view.php?id=CVE-2024-31771
Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted file La vulnerabilidad de permiso inseguro en TotalAV v.6.0.740 permite a un atacante local escalar privilegios a través de un archivo manipulado • https://github.com/restdone/CVE-2024-31771 • CWE-266: Incorrect Privilege Assignment •
CVE-2024-30802
https://notcve.org/view.php?id=CVE-2024-30802
An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges via the login.html component. • https://github.com/WarmBrew/web_vul/blob/main/TTX.md • CWE-1393: Use of Default Password •
CVE-2024-28285
https://notcve.org/view.php?id=CVE-2024-28285
A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate privileges. • https://gist.github.com/liang-junkai/3e91f58070812ea76c1b8c126c3e28c7 • CWE-209: Generation of Error Message Containing Sensitive Information CWE-285: Improper Authorization •