CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-6147 – Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6147
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-802 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6153 – Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability
https://notcve.org/view.php?id=CVE-2024-6153
This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of root. ... This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-803 • CWE-693: Protection Mechanism Failure •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-37058
https://notcve.org/view.php?id=CVE-2023-37058
Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted command. • http://jlink.com https://github.com/ri5c/Jlink-Router-RCE •
CVSS: 7.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-27275 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2024-27275
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support. ... IBM i 7.2, 7.3, 7.4 y 7.5 contiene una vulnerabilidad de escalada de privilegios local causada por un requisito de autoridad insuficiente. Un usuario local sin privilegios de administrador puede configurar un activador de archivo físico para ejecutarlo con los privilegios de un usuario manipulado socialmente para acceder al archivo de destino. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285203 https://www.ibm.com/support/pages/node/7157637 • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37369 – Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions
https://notcve.org/view.php?id=CVE-2024-37369
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html • CWE-732: Incorrect Permission Assignment for Critical Resource •