CVSS: 7.3EPSS: %CPEs: -EXPL: 0CVE-2024-31954
https://notcve.org/view.php?id=CVE-2024-31954
Because it is possible to tamper with the directory and DLL files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (An attacker must already have user privileges) Se descubrió un problema en el instalador de Samsung Portable SSD para T5 1.6.10 en Windows. • https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31954 • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 6.7EPSS: %CPEs: -EXPL: 0CVE-2024-31953
https://notcve.org/view.php?id=CVE-2024-31953
Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.) • https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31953 • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: %CPEs: -EXPL: 0CVE-2024-31952
https://notcve.org/view.php?id=CVE-2024-31952
Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.) • https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31952 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: %CPEs: -EXPL: 1CVE-2024-31771
https://notcve.org/view.php?id=CVE-2024-31771
Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted file La vulnerabilidad de permiso inseguro en TotalAV v.6.0.740 permite a un atacante local escalar privilegios a través de un archivo manipulado • https://github.com/restdone/CVE-2024-31771 • CWE-266: Incorrect Privilege Assignment •
CVSS: 9.8EPSS: %CPEs: -EXPL: 0CVE-2024-30802
https://notcve.org/view.php?id=CVE-2024-30802
An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges via the login.html component. • https://github.com/WarmBrew/web_vul/blob/main/TTX.md • CWE-1393: Use of Default Password •