CVE-2024-51503 – Trend Micro Deep Security Agent Manual Scan Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-51503
A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. • https://success.trendmicro.com/en-US/solution/KA-0018154 https://www.zerodayinitiative.com/advisories/ZDI-24-1516 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2024-48292
https://notcve.org/view.php?id=CVE-2024-48292
An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total Security v24.0 allows authenticated attackers to escalate privileges. • https://github.com/Nero22k/Disclosures/blob/main/QuickHealAV/CVE-2024-48292.md https://www.quickheal.com/download-free-antivirus • CWE-276: Incorrect Default Permissions •
CVE-2017-13314
https://notcve.org/view.php?id=CVE-2017-13314
This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-05-01 • CWE-276: Incorrect Default Permissions •
CVE-2017-13312
https://notcve.org/view.php?id=CVE-2017-13312
This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-05-01 • CWE-276: Incorrect Default Permissions •
CVE-2017-13311
https://notcve.org/view.php?id=CVE-2017-13311
This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-05-01 • CWE-276: Incorrect Default Permissions •