CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46914
https://notcve.org/view.php?id=CVE-2023-46914
07 Feb 2024 — SQL Injection vulnerability in RM bookingcalendar module for PrestaShop versions 2.7.9 and before, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via ics_export.php. • https://security.friendsofpresta.org/modules/2024/02/06/bookingcalendar.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24303
https://notcve.org/view.php?id=CVE-2024-24303
07 Feb 2024 — SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) module for PrestaShop before version 1.4.1, allows remote attackers to escalate privileges and obtain sensitive information via the HiAdvancedGiftWrappingGiftWrappingModuleFrontController::addGiftWrappingCartValue() method. • https://security.friendsofpresta.org/modules/2024/02/06/hiadvancedgiftwrapping.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22239
https://notcve.org/view.php?id=CVE-2024-22239
06 Feb 2024 — Aria Operations for Networks contains a local privilege escalation vulnerability. Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain ... • https://www.vmware.com/security/advisories/VMSA-2024-0002.html • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22237
https://notcve.org/view.php?id=CVE-2024-22237
06 Feb 2024 — Aria Operations for Networks contains a local privilege escalation vulnerability. Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to ... • https://www.vmware.com/security/advisories/VMSA-2024-0002.html • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-32479 – Dell Security Management Server Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-32479
06 Feb 2024 — Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in installed directory and taking reverse shell of the system leading to Privilege Escalation. ... Un usuario malintencionado local podría explotar esta vu... • https://packetstorm.news/files/id/177832 • CWE-284: Improper Access Control •
CVSS: 6.7EPSS: 0%CPEs: 62EXPL: 0CVE-2024-20002
https://notcve.org/view.php?id=CVE-2024-20002
05 Feb 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 62EXPL: 0CVE-2024-20001
https://notcve.org/view.php?id=CVE-2024-20001
05 Feb 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2024-20015
https://notcve.org/view.php?id=CVE-2024-20015
05 Feb 2024 — In telephony, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 6.7EPSS: 0%CPEs: 61EXPL: 0CVE-2024-20013
https://notcve.org/view.php?id=CVE-2024-20013
05 Feb 2024 — This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 52EXPL: 0CVE-2024-20012
https://notcve.org/view.php?id=CVE-2024-20012
05 Feb 2024 — In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. ... Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •