CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0413 – Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-0413
04 Feb 2025 — Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. An attacker can leverage this vulnera... • https://kb.parallels.com/130212 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35177 – Improper Access Control in wazuh-agent
https://notcve.org/view.php?id=CVE-2024-35177
03 Feb 2025 — The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability due to improper ACL of the non-default installation directory. ... Many DLLs are loaded from the installation folder and by creating a malicious DLLs that exports the functions of a legit one (and that is not found on the system where the agent is installed, such as rsync.dll) it is possible to escalate privileges from a low-privileged user and obtain code execution under the context of NT AUTHORITY\SYSTEM. • https://github.com/wazuh/wazuh/security/advisories/GHSA-pmr2-2r83-h3cv • CWE-284: Improper Access Control •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 1CVE-2024-56898
https://notcve.org/view.php?id=CVE-2024-56898
03 Feb 2025 — This vulnerability allows low privilege users perform actions that they aren't authorized to, which can be leveraged to escalate privileges, create, modify or delete accounts. • https://github.com/DRAGOWN/CVE-2024-56898 •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-57498
https://notcve.org/view.php?id=CVE-2024-57498
03 Feb 2025 — Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function. • https://gist.github.com/Catherines77/ac0b554f3d755879eb12bfd69ef585b1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24828
https://notcve.org/view.php?id=CVE-2025-24828
31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7842 • CWE-426: Untrusted Search Path •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24827
https://notcve.org/view.php?id=CVE-2025-24827
31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7841 • CWE-426: Untrusted Search Path •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24829
https://notcve.org/view.php?id=CVE-2025-24829
31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7839 • CWE-426: Untrusted Search Path •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24830
https://notcve.org/view.php?id=CVE-2025-24830
31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7829 • CWE-426: Untrusted Search Path •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24831
https://notcve.org/view.php?id=CVE-2025-24831
31 Jan 2025 — Local privilege escalation due to unquoted search path vulnerability. • https://security-advisory.acronis.com/advisories/SEC-6153 • CWE-428: Unquoted Search Path or Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0834 – Wondershare Dr.Fone Privilege Scalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-0834
30 Jan 2025 — This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. • https://www.incibe.es/en/incibe-cert/notices/aviso/wondershare-drfone-privilege-scalation-vulnerability • CWE-269: Improper Privilege Management •