CVE-2024-32656 – Ant Media Server vulnerable to local privilege escalation
https://notcve.org/view.php?id=CVE-2024-32656
A local privilege escalation vulnerability in present in versions 2.6.0 through 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. ... This vulnerability is nearly identical to the local privilege escalation vulnerability CVE-2023-26269 identified in Apache James. • https://github.com/ant-media/Ant-Media-Server/commit/9cb38500729e0ff302da0290b9cfe1ec4dd6c764 https://github.com/ant-media/Ant-Media-Server/security/advisories/GHSA-qwhw-hh9j-54f5 • CWE-862: Missing Authorization •
CVE-2024-32405
https://notcve.org/view.php?id=CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function. • https://cxsecurity.com/issue/WLB-2024040051 https://packetstormsecurity.com/files/178101/Relate-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-50260 – Wazuh's vulnerability in host_deny AR script allows arbitrary command execution
https://notcve.org/view.php?id=CVE-2023-50260
So, it can leads to LPE on server as root and RCE on agent as root. ... Por lo tanto, puede conducir a LPE en el servidor como raíz y a RCE en el agente como raíz. • https://github.com/wazuh/wazuh/security/advisories/GHSA-mjq2-xf8g-68vw • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-24910 – Local privilege escalation in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server via crafted DLL file
https://notcve.org/view.php?id=CVE-2024-24910
A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. • https://support.checkpoint.com/results/sk/sk182219 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2024-31031
https://notcve.org/view.php?id=CVE-2024-31031
An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow. Un problema en `coap_pdu.c` en libcoap 4.3.4 permite a los atacantes provocar un comportamiento indefinido a través de una secuencia de mensajes que conducen a un desbordamiento de enteros sin signo. • https://github.com/obgm/libcoap/issues/1351 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LPENEJBV3KSASIYKNZAKXDAH7Q66KPYG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUL7QDYFGEIJVO2ZSG4O5HEAWR6PFC52 • CWE-190: Integer Overflow or Wraparound •