CVE-2023-6154 – Local privilege escalation in Bitdefender Total Security (VA-11168)
https://notcve.org/view.php?id=CVE-2023-6154
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This issue affects Total Security: 27.0.25.114; Internet Security: 27.0.25.114; Antivirus Plus: 27.0.25.114; Antivirus Free: 27.0.25.114. Un problema de configuración en seccenter.exe tal como se usa en Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free permite a un atacante cambiar el comportamiento esperado del producto y potencialmente cargar una librería de terceros durante la ejecución. Este problema afecta a Total Security: 27.0.25.114; Seguridad de Internet: 27.0.25.114; Antivirus Plus: 27.0.25.114; Antivirus gratuito: 27.0.25.114. • https://bitdefender.com/support/security-advisories/local-privilege-escalation-in-bitdefender-total-security-va-11168 • CWE-15: External Control of System or Configuration Setting •
CVE-2024-2658 – Flexera Software FlexNet Publisher Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-2658
This vulnerability allows local attackers to escalate privileges on affected installations of Flexera Software FlexNet Publisher. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. •
CVE-2024-23537 – Apache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role.
https://notcve.org/view.php?id=CVE-2024-23537
Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.9.0, which fixes the issue. Vulnerabilidad de gestión de privilegios incorrecta en Apache Fineract. Este problema afecta a Apache Fineract: <1.8.5. Se recomienda a los usuarios actualizar a la versión 1.9.0, que soluciona el problema. • http://www.openwall.com/lists/oss-security/2024/03/29/1 https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report https://lists.apache.org/thread/fq1ns4nprw2vqpkwwj9sw45jkwxmt9f1 • CWE-269: Improper Privilege Management •
CVE-2024-29667
https://notcve.org/view.php?id=CVE-2024-29667
., Ltd CMSV6 v.7.31.0.2 through v.7.31.0.3 allows a remote attacker to escalate privileges and obtain sensitive information via the ids parameter. • https://github.com/whgojp/cve-reports/wiki/CMSV6-vehicle-monitoring-platform-system-SQL-injection • CWE-269: Improper Privilege Management •
CVE-2024-30542 – WordPress WholesaleX plugin <= 1.3.2 - Unauthenticated Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-30542
This makes it possible for unauthenticated attackers to escalate their privileges. • https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-2-unauthenticated-privilege-escalation-vulnerability?_s_id=cve • CWE-269: Improper Privilege Management •