CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-50677
https://notcve.org/view.php?id=CVE-2023-50677
An issue in NETGEAR-DGND4000 v.1.1.00.15_1.00.15 allows a remote attacker to escalate privileges via the next_file parameter to the /setup.cgi component. • https://gist.github.com/DMIND-NLL/b61b8d8d20271adf60fc717b3b48faff • CWE-269: Improper Privilege Management •
CVSS: 4.5EPSS: 0%CPEs: 4EXPL: 1CVE-2024-2432 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-2432
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. • https://github.com/Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP https://security.paloaltonetworks.com/CVE-2024-2432 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27955 – WordPress Automatic plugin <= 3.92.0 - CSRF to Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-27955
This makes it possible for unauthenticated attackers to escalate their privileges via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/wp-automatic/wordpress-automatic-plugin-3-92-0-privilege-escalation-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-2172 – Malware Scanner <= 4.7.2 and Web Application Firewall <= 2.1.1 - Unauthenticated Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-2172
This makes it possible for unauthenticated attackers to escalate their privileges to that of an administrator. • https://plugins.trac.wordpress.org/browser/miniorange-malware-protection/tags/4.7.2/handler/login.php#L89 https://wordpress.org/plugins/miniorange-malware-protection https://www.wordfence.com/threat-intel/vulnerabilities/id/6347f588-a3fd-4909-ad57-9d78787b5728?source=cve • CWE-304: Missing Critical Step in Authentication •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-26199 – Microsoft Office Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-26199
Microsoft Office Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Microsoft Office This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Office. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26199 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •