CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-44439
https://notcve.org/view.php?id=CVE-2024-44439
., Ltd IMS Intelligent Manufacturing Collaborative Internet of Things System v.1.9.1 allows a remote attacker to escalate privileges via the open port. • https://smiling-lemonade-122.notion.site/f7da442e0f8a40fc846eea495dcdd329 https://www.notion.so/f7da442e0f8a40fc846eea495dcdd329?pvs=4 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-5803 – Local privelage escalation via COM hijacking
https://notcve.org/view.php?id=CVE-2024-5803
The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to escalate privileges via an COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is disabled. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 1CVE-2024-44193 – iTunes For Windows 12.13.2.3 Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-44193
A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges. • https://github.com/mbog14/CVE-2024-44193 https://support.apple.com/en-us/121328 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8885
https://notcve.org/view.php?id=CVE-2024-8885
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files. • https://www.sophos.com/en-us/security-advisories/sophos-sa-20241002-cde-lpe • CWE-502: Deserialization of Untrusted Data CWE-1104: Use of Unmaintained Third Party Components •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-35288 – Nitro PDF Pro Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-35288
Nitro PDF Pro before 13.70.8.82 and 14.x before 14.26.1.0 allows Local Privilege Escalation in the MSI Installer because custom actions occur unsafely in repair mode. • https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-nitro-pdf-pro https://seclists.org/fulldisclosure/2024/Sep/59 https://www.gonitro.com/support/downloads#securityUpdates •