CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29853
https://notcve.org/view.php?id=CVE-2024-29853
An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privilege escalation. • https://veeam.com/kb4582 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 1CVE-2024-22026
https://notcve.org/view.php?id=CVE-2024-22026
A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance. • https://github.com/securekomodo/CVE-2024-22026 https://forums.ivanti.com/s/article/Security-Advisory-EPMM-May-2024?language=en_US •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-33228
https://notcve.org/view.php?id=CVE-2024-33228
An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33228 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-33227
https://notcve.org/view.php?id=CVE-2024-33227
An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33227 •
CVSS: 9.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-33226
https://notcve.org/view.php?id=CVE-2024-33226
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33226 • CWE-269: Improper Privilege Management •