CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-51162
https://notcve.org/view.php?id=CVE-2024-51162
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges. • https://en.web-audimex.com/ee-auditmanagement https://github.com/Cameleon037/CVEs/blob/main/CVE-2024-51162/README.md • CWE-276: Incorrect Default Permissions •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42450
https://notcve.org/view.php?id=CVE-2024-42450
This combination allows an unauthenticated attacker to access and administer the database or read local filesystem contents to escalate privileges on the system. Exploitation Status: Versa Networks is not aware of this exploitation in any production systems. • https://security-portal.versa-networks.com/emailbulletins/6735a300415abb89e9a8a9d3 • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-50803
https://notcve.org/view.php?id=CVE-2024-50803
The mediapool feature of the Redaxo Core CMS application v 5.17.1 is vulnerable to Cross Site Scripting(XSS) which allows a remote attacker to escalate privileges • http://redaxo-core.com http://redaxo.com https://github.com/Praison001/CVE-2024-50803-Redaxo • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51503 – Trend Micro Deep Security Agent Manual Scan Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-51503
A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. • https://success.trendmicro.com/en-US/solution/KA-0018154 https://www.zerodayinitiative.com/advisories/ZDI-24-1516 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-48292
https://notcve.org/view.php?id=CVE-2024-48292
An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total Security v24.0 allows authenticated attackers to escalate privileges. • https://github.com/Nero22k/Disclosures/blob/main/QuickHealAV/CVE-2024-48292.md https://www.quickheal.com/download-free-antivirus • CWE-276: Incorrect Default Permissions •