CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-31757
https://notcve.org/view.php?id=CVE-2024-31757
An issue in TeraByte Unlimited Image for Windows v.3.64.0.0 and before and fixed in v.4.0.0.0 allows a local attacker to escalate privileges via the TBOFLHelper64.sys and TBOFLHelper.sys component. Un problema en TeraByte Unlimited Image para Windows v.3.64.0.0 y anteriores y solucionado en v.4.0.0.0 permite a un atacante local escalar privilegios a través del componente TBOFLHelper64.sys y TBOFLHelper.sys. • https://www.terabyteunlimited.com/image-for-windows • CWE-269: Improper Privilege Management •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31335 – PowerVR DevmemIntChangeSparse2() Dangling Page Table Entry
https://notcve.org/view.php?id=CVE-2024-31335
This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios en el kernel sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/2024-07-01 • CWE-783: Operator Precedence Logic Error •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34724 – PowerVR _UnrefAndMaybeDestroy() Use-After-Free
https://notcve.org/view.php?id=CVE-2024-34724
This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios en el kernel sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/2024-07-01 • CWE-368: Context Switching Race Condition •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36076
https://notcve.org/view.php?id=CVE-2024-36076
Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session. • https://github.com/Syslifters/sysreptor/releases/tag/2024.40 https://github.com/Syslifters/sysreptor/security/advisories/GHSA-2vfc-3h43-vghh • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35880 – io_uring/kbuf: hold io_buffer_list reference over mmap
https://notcve.org/view.php?id=CVE-2024-35880
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. • https://git.kernel.org/stable/c/09f7520048eaaee9709091cd2787966f807da7c5 https://git.kernel.org/stable/c/5cf4f52e6d8aa2d3b7728f568abbf9d42a3af252 https://git.kernel.org/stable/c/65938e81df2197203bda4b9a0c477e7987218d66 https://git.kernel.org/stable/c/5fd8e2359498043e0b5329a05f02d10a9eb91eb9 https://git.kernel.org/stable/c/561e4f9451d65fc2f7eef564e0064373e3019793 •