CVSS: 6.7EPSS: 0%CPEs: 24EXPL: 0CVE-2023-32873
https://notcve.org/view.php?id=CVE-2023-32873
06 May 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/May-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 37EXPL: 0CVE-2024-20057
https://notcve.org/view.php?id=CVE-2024-20057
06 May 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/May-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 26EXPL: 0CVE-2024-20056
https://notcve.org/view.php?id=CVE-2024-20056
06 May 2024 — In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/May-2024 • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29417
https://notcve.org/view.php?id=CVE-2024-29417
03 May 2024 — Insecure Permissions vulnerability in e-trust Horacius 1.0, 1.1, and 1.2 allows a local attacker to escalate privileges via the password reset function. La vulnerabilidad de permisos inseguros en e-trust Horacius 1.0, 1.1 y 1.2 permite a un atacante local escalar privilegios a través de la función de restablecimiento de contraseña. • https://blog.pridesec.com.br/en/horacius-unauthenticated-privilege-escalation • CWE-277: Insecure Inherited Permissions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27453
https://notcve.org/view.php?id=CVE-2024-27453
03 May 2024 — In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI). • https://extreme-networks.my.site.com/ExtrArticleDetail?an=000118266 • CWE-266: Incorrect Privilege Assignment •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-7241 – Webroot Antivirus COM-Hijacking LPE
https://notcve.org/view.php?id=CVE-2023-7241
01 May 2024 — Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32 bit allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files. ... Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32 bit allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files. • https://answers.webroot.com/Webroot/ukp.aspx?&app=vw&vw=1&login=1&solutionid=4258 • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24912 – Local privilege escalation in Harmony Endpoint Security Client for Windows via crafted DLL file
https://notcve.org/view.php?id=CVE-2024-24912
01 May 2024 — A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system. Se ha identificado una vulnerabilidad de escalada de privilegios local en Harmony Endpoint Security Client para las versiones E88.10 y anteriores de Windows. Para aprovechar esta vulnerabilidad, un atacante prim... • https://support.checkpoint.com/results/sk/sk182244 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22830
https://notcve.org/view.php?id=CVE-2024-22830
01 May 2024 — This allows a local attacker to escalate privileges from regular user to System or PPL level. ... Esto permite a un atacante local escalar privilegios desde el nivel de usuario normal al nivel de Sistema o PPL. • http://anti-cheat.com • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-33775
https://notcve.org/view.php?id=CVE-2024-33775
01 May 2024 — An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted Dashlet. • https://github.com/Neo-XeD/CVE-2024-33775 • CWE-269: Improper Privilege Management •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2378
https://notcve.org/view.php?id=CVE-2024-2378
30 Apr 2024 — If exploited an attacker could escalate privileges on af-fected installations. • https://github.com/HazardLab-IO/CVE-2024-23780 • CWE-863: Incorrect Authorization •