CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3037 – Arbitrary File Deletion in PaperCut NG/MF Web Print
https://notcve.org/view.php?id=CVE-2024-3037
This vulnerability allows local attackers to escalate privileges on affected installations of PaperCut NG. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.papercut.com/kb/Main/security-bulletin-may-2024 https://www.papercut.com/kb/Main/Security-Bulletin-May-2024 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2024-30033 – Windows Search Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30033
Windows Search Service Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del servicio de búsqueda de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30033 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-30802
https://notcve.org/view.php?id=CVE-2024-30802
An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges via the login.html component. • https://github.com/WarmBrew/web_vul/blob/main/TTX.md https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-30802.md • CWE-1393: Use of Default Password •
CVSS: 2.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-29210
https://notcve.org/view.php?id=CVE-2024-29210
A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for Outlook (PAB), specifically within its configuration management functionalities. ... Se ha identificado una vulnerabilidad de escalada de privilegios locales (LPE) en Phish Alert Button for Outlook (PAB), específicamente dentro de sus funcionalidades de gestión de configuración. • https://support.knowbe4.com/hc/en-us/articles/28959854203923-CVE-2024-29210 • CWE-269: Improper Privilege Management •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3576 – NPort 5100A Series Store XSS Vulnerability
https://notcve.org/view.php?id=CVE-2024-3576
Malicious users may use the vulnerability to get sensitive information and escalate privileges. • https://www.moxa.com/en/support/product-support/security-advisory/mpsa-246328-nport-5100a-series-store-xss-vulnerability • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •