CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-24912 – Local privilege escalation in Harmony Endpoint Security Client for Windows via crafted DLL file
https://notcve.org/view.php?id=CVE-2024-24912
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. • https://support.checkpoint.com/results/sk/sk182244 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-22830
https://notcve.org/view.php?id=CVE-2024-22830
This allows a local attacker to escalate privileges from regular user to System or PPL level. • http://anti-cheat.com https://intl.anticheatexpert.com/#/tool-center https://www.defencetech.it/wp-content/uploads/2024/04/Report-CVE-2024-22830.pdf • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1CVE-2024-33775
https://notcve.org/view.php?id=CVE-2024-33775
An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted Dashlet. • https://github.com/Neo-XeD/CVE-2024-33775 https://www.nagios.com/changelog/#nagios-xi • CWE-269: Improper Privilege Management •
CVSS: 8.0EPSS: 0%CPEs: -EXPL: 1CVE-2024-2378
https://notcve.org/view.php?id=CVE-2024-2378
If exploited an attacker could escalate privileges on af-fected installations. • https://github.com/HazardLab-IO/CVE-2024-23780 https://publisher.hitachienergy.com/preview?DocumentId=8DBD000191&languageCode=en&Preview=true • CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-33267
https://notcve.org/view.php?id=CVE-2024-33267
SQL Injection vulnerability in Hero hfheropayment v.1.2.5 and before allows an attacker to escalate privileges via the HfHeropaymentGatewayBackModuleFrontController::initContent() function. • https://security.friendsofpresta.org/modules/2024/04/29/hfheropayment.html https://www.heropay.eu • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •