CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47040 – Use After Free in the android.hardware.radio.sap.ISap/slot2 service
https://notcve.org/view.php?id=CVE-2024-47040
18 Dec 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. ... This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-11-01 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-55505
https://notcve.org/view.php?id=CVE-2024-55505
18 Dec 2024 — An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component. • https://github.com/CV1523/CVEs/blob/main/CVE-2024-55505.md •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-4762
https://notcve.org/view.php?id=CVE-2024-4762
16 Dec 2024 — An improper validation vulnerability was reported in the firmware update mechanism of LADM and LDCC that could allow a local attacker to escalate privileges. • https://support.lenovo.co/us/en/product_security/LEN-174319 • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31891 – IBM Storage Scale privilege escalation
https://notcve.org/view.php?id=CVE-2024-31891
14 Dec 2024 — IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability. • https://www.ibm.com/support/pages/node/7178098 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12552 – Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-12552
12 Dec 2024 — Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the conte... • https://cdn.wacom.com/u/productsupport/drivers/win/professional/releasenotes/Windows_6.4.8-2.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-11598
https://notcve.org/view.php?id=CVE-2024-11598
11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Application-Control-CVE-2024-11598 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-11597
https://notcve.org/view.php?id=CVE-2024-11597
11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Performance Manager before version 2024.3 HF1, 2024.1 HF1, or 2023.3 HF1 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Performance-Manager-CVE-2024-11597 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8496
https://notcve.org/view.php?id=CVE-2024-8496
11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Workspace-Control-IWC-CVE-2024-8496 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9845
https://notcve.org/view.php?id=CVE-2024-9845
11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Automation-CVE-2024-9845 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10251
https://notcve.org/view.php?id=CVE-2024-10251
11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Security-Controls-iSec-CVE-2024-10251 • CWE-276: Incorrect Default Permissions •