CVE-2021-38118 – Possible Local Privilege Escalation Vulnerability in OpenText iManager
https://notcve.org/view.php?id=CVE-2021-38118
Possible improper input validation Vulnerability in iManager has been discovered in OpenTextâ„¢ iManager 3.2.4.0000. • https://www.netiq.com/documentation/imanager-32/imanager325_releasenotes/data/imanager325_releasenotes.html • CWE-250: Execution with Unnecessary Privileges •
CVE-2024-50657
https://notcve.org/view.php?id=CVE-2024-50657
An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate privileges via the PassCodeViewModel class, specifically in the checkPassCodeIsValid method • https://drive.google.com/drive/folders/1C-ZYjYhmKRGvWs9YN51XOiAS2WxxwdQd?usp=sharing https://github.com/SAHALLL/CVE-2024-50657 •
CVE-2024-50965
https://notcve.org/view.php?id=CVE-2024-50965
Cross Site Scripting vulnerability in Public Knowledge Project PKP Platform OJS/OMP/OPS- before v.3.3.0.16 allows an attacker to execute arbitrary code and escalate privileges via a crafted script • https://openjournaltheme.com/urgent-critical-vulnerabilities-in-3-3-0-18-upgrade-your-ojs-now • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-11415 – WP-Orphanage Extended <= 1.2 - Cross-Site Request Forgery to Orphan Account Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-11415
This makes it possible for unauthenticated attackers to escalate the privileges of all orphan accounts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://plugins.trac.wordpress.org/browser/wp-orphanage-extended/trunk/wp-orphanage-extended-options.php https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3194570%40wp-orphanage-extended&new=3194570%40wp-orphanage-extended&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/f7ed6255-d8df-4f57-961b-1a0c21e352ac?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2024-51162
https://notcve.org/view.php?id=CVE-2024-51162
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges. ... An issue in Audimex EE versions 15.1.20 and earlier allowing a remote attacker to escalate privileges. • https://en.web-audimex.com/ee-auditmanagement https://github.com/Cameleon037/CVEs/blob/main/CVE-2024-51162/README.md • CWE-276: Incorrect Default Permissions •