
CVE-2024-57604
https://notcve.org/view.php?id=CVE-2024-57604
12 Feb 2025 — An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component. • https://github.com/mayswind/ezbookkeeping/issues/33 •

CVE-2024-51440
https://notcve.org/view.php?id=CVE-2024-51440
12 Feb 2025 — An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the NtBpfService component. • https://sharedobject.blog/posts/nothing-bpf •

CVE-2025-21373 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-21373
11 Feb 2025 — Windows Installer Elevation of Privilege Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21373 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2025-21418 – Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-21418
11 Feb 2025 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21418 • CWE-122: Heap-based Buffer Overflow •

CVE-2024-53977
https://notcve.org/view.php?id=CVE-2024-53977
11 Feb 2025 — This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch the script from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-637914.html • CWE-427: Uncontrolled Search Path Element •

CVE-2024-54916
https://notcve.org/view.php?id=CVE-2024-54916
11 Feb 2025 — An issue in the SharedConfig class of Telegram Android APK v.11.7.0 allows a physically proximate attacker to bypass authentication and escalate privileges by manipulating the return value of the checkPasscode method. • https://github.com/SAHALLL/CVE-2024-54916 •

CVE-2025-21692 – net: sched: fix ets qdisc OOB Indexing
https://notcve.org/view.php?id=CVE-2025-21692
10 Feb 2025 — The overflow may cause local privilege escalation. • https://git.kernel.org/stable/c/dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33 •

CVE-2024-55215
https://notcve.org/view.php?id=CVE-2024-55215
07 Feb 2025 — An issue in trojan v.2.0.0 through v.2.15.3 allows a remote attacker to escalate privileges via the initialization interface /auth/register. • https://github.com/ainrm/Jrohy-trojan-unauth-poc • CWE-269: Improper Privilege Management •

CVE-2024-57429
https://notcve.org/view.php?id=CVE-2024-57429
06 Feb 2025 — A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request. • https://github.com/ahrixia/CVE-2024-57429 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2025-24805 – Local Privilege Escalation in MobSF
https://notcve.org/view.php?id=CVE-2025-24805
05 Feb 2025 — A local user with minimal privileges is able to make use of an access token for materials for scopes in which it should not be accepted. • https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/05206e72cae35b311615a70e51e1a946955c5e83 • CWE-269: Improper Privilege Management •