CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-31756
https://notcve.org/view.php?id=CVE-2024-31756
An issue in MarvinTest Solutions Hardware Access Driver v.5.0.3.0 and before and fixed in v.5.0.4.0 allows a local attacker to escalate privileges via the Hw65.sys component. Un problema en MarvinTest Solutions Hardware Access Driver v.5.0.3.0 y anteriores y solucionado en v.5.0.4.0 permite a un atacante local escalar privilegios a través del componente Hw65.sys. • https://northwave-cybersecurity.com/vulnerability-notice-hardware-access-driver-marvintest-solutions • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-31757
https://notcve.org/view.php?id=CVE-2024-31757
An issue in TeraByte Unlimited Image for Windows v.3.64.0.0 and before and fixed in v.4.0.0.0 allows a local attacker to escalate privileges via the TBOFLHelper64.sys and TBOFLHelper.sys component. Un problema en TeraByte Unlimited Image para Windows v.3.64.0.0 y anteriores y solucionado en v.4.0.0.0 permite a un atacante local escalar privilegios a través del componente TBOFLHelper64.sys y TBOFLHelper.sys. • https://www.terabyteunlimited.com/image-for-windows • CWE-269: Improper Privilege Management •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31335 – PowerVR DevmemIntChangeSparse2() Dangling Page Table Entry
https://notcve.org/view.php?id=CVE-2024-31335
This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios en el kernel sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/2024-07-01 • CWE-783: Operator Precedence Logic Error •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34724 – PowerVR _UnrefAndMaybeDestroy() Use-After-Free
https://notcve.org/view.php?id=CVE-2024-34724
This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios en el kernel sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/2024-07-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36076
https://notcve.org/view.php?id=CVE-2024-36076
Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session. • https://github.com/Syslifters/sysreptor/releases/tag/2024.40 https://github.com/Syslifters/sysreptor/security/advisories/GHSA-2vfc-3h43-vghh • CWE-352: Cross-Site Request Forgery (CSRF) •