CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-51426
https://notcve.org/view.php?id=CVE-2024-51426
Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate privileges via the _transfer function. • https://github.com/Wzy-source/Gala/blob/main/CVEs/EOTT_0x5fe0971167215aade651f76492f8489e43ceb48a.md • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10008 – Masteriyo LMS – eLearning and Online Course Builder for WordPress <= 1.13.3 - Authenticated (Student+) Missing Authorization to Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-10008
As a result, attackers can escalate their privileges to the Administrator and demote existing administrators to students. • https://plugins.trac.wordpress.org/browser/learning-management-system/tags/1.13.3//includes/RestApi/Controllers/Version1/UsersController.php#L1726 https://www.wordfence.com/threat-intel/vulnerabilities/id/0c54166e-2af2-409d-8c67-9c07f2028543?source=cve • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42028
https://notcve.org/view.php?id=CVE-2024-42028
A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server. • https://community.ui.com/releases/Security-Advisory-Bulletin-043-043/28e45c75-314e-4f07-a4f3-d17f67bd53f7 • CWE-276: Incorrect Default Permissions •
CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-0126
https://notcve.org/view.php?id=CVE-2024-0126
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5586 • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-45261
https://notcve.org/view.php?id=CVE-2024-45261
Once an attacker bypasses the application's authentication procedures, they can generate a valid SID, escalate privileges, and gain full control. • https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Bypassing%20Login%20Mechanism%20with%20Passwordless%20User%20Login.md • CWE-863: Incorrect Authorization •