CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50260 – Wazuh's vulnerability in host_deny AR script allows arbitrary command execution
https://notcve.org/view.php?id=CVE-2023-50260
So, it can leads to LPE on server as root and RCE on agent as root. ... Por lo tanto, puede conducir a LPE en el servidor como raíz y a RCE en el agente como raíz. • https://github.com/wazuh/wazuh/security/advisories/GHSA-mjq2-xf8g-68vw • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-24910 – Local privilege escalation in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server via crafted DLL file
https://notcve.org/view.php?id=CVE-2024-24910
A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. • https://support.checkpoint.com/results/sk/sk182219 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-31031
https://notcve.org/view.php?id=CVE-2024-31031
An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow. Un problema en `coap_pdu.c` en libcoap 4.3.4 permite a los atacantes provocar un comportamiento indefinido a través de una secuencia de mensajes que conducen a un desbordamiento de enteros sin signo. • https://github.com/obgm/libcoap/issues/1351 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LPENEJBV3KSASIYKNZAKXDAH7Q66KPYG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUL7QDYFGEIJVO2ZSG4O5HEAWR6PFC52 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21121 – Oracle VirtualBox OHCI USB Controller Use-After-Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21121
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21116 – Oracle VirtualBox vboxdrv Improper Privilege Management Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21116
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://www.oracle.com/security-alerts/cpuapr2024.html •