CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29853
https://notcve.org/view.php?id=CVE-2024-29853
An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privilege escalation. • https://veeam.com/kb4582 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 1CVE-2024-22026
https://notcve.org/view.php?id=CVE-2024-22026
A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance. Una vulnerabilidad de escalada de privilegios locales en EPMM anterior a 12.1.0.0 permite a un usuario local autenticado evitar la restricción del shell y ejecutar comandos arbitrarios en el dispositivo. • https://github.com/securekomodo/CVE-2024-22026 https://forums.ivanti.com/s/article/Security-Advisory-EPMM-May-2024?language=en_US •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-33228
https://notcve.org/view.php?id=CVE-2024-33228
An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33228 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-33227
https://notcve.org/view.php?id=CVE-2024-33227
An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33227 •
CVSS: 9.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-33226
https://notcve.org/view.php?id=CVE-2024-33226
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. • https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33226 • CWE-269: Improper Privilege Management •