CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-0622 – Local privilege escalation vulnerability could affect OpenText Operations Agent on Non-Windows platforms.
https://notcve.org/view.php?id=CVE-2024-0622
Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation. • https://portal.microfocus.com/s/article/KM000026555?language=en_US • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32484
https://notcve.org/view.php?id=CVE-2023-32484
A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. • https://www.dell.com/support/kbdoc/en-us/000216586/dsa-2023-284-security-update-for-dell-emc-enterprise-sonic-os-command-injection-vulnerability-when-using-remote-user-authentication • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-1488 – Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
https://notcve.org/view.php?id=CVE-2024-1488
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether. Se encontró una vulnerabilidad en Unbound debido a permisos predeterminados incorrectos, lo que permite que cualquier proceso fuera del grupo independiente modifique la configuración del tiempo de ejecución independiente. Si un proceso puede conectarse a través de localhost al puerto 8953, puede alterar la configuración de unbound.service. • https://access.redhat.com/errata/RHSA-2024:1750 https://access.redhat.com/errata/RHSA-2024:1751 https://access.redhat.com/errata/RHSA-2024:1780 https://access.redhat.com/errata/RHSA-2024:1801 https://access.redhat.com/errata/RHSA-2024:1802 https://access.redhat.com/errata/RHSA-2024:1804 https://access.redhat.com/errata/RHSA-2024:2587 https://access.redhat.com/errata/RHSA-2024:2696 https://access.redhat.com/security/cve/CVE-2024-1488 https://bugzilla.redhat.com/show • CWE-15: External Control of System or Configuration Setting •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2024-0353 – Local privilege escalation in Windows products
https://notcve.org/view.php?id=CVE-2024-0353
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission. ... This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed • CWE-269: Improper Privilege Management •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25535
https://notcve.org/view.php?id=CVE-2023-25535
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023 La versión del archivo ejecutable del instalador de Dell SupportAssist para PC domésticas anterior a 3.13.2.19 utilizado para la instalación inicial tiene una alta vulnerabilidad que puede resultar en una escalada de privilegios local (LPE). • https://www.dell.com/support/kbdoc/en-us/000211410/dell-supportassist-for-home-pcs-security-update-for-installer-executable-file-for-local-privilege-escalation-lpe-vulnerability • CWE-269: Improper Privilege Management •