CVSS: 9.1EPSS: %CPEs: 1EXPL: 0CVE-2024-48920 – PutongOJ: unprivileged users can escalate privileges by constructing requests
https://notcve.org/view.php?id=CVE-2024-48920
Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. • https://github.com/acm309/PutongOJ/commit/211dfe9ebf1c6618ce5396b0338de4f9b580715e#diff-782628b47d666d5d551e040815ca3f80c0704397258718f0e0f31164608ea7beL118-R120 https://github.com/acm309/PutongOJ/releases/tag/v2.1.0-beta.1 https://github.com/acm309/PutongOJ/security/advisories/GHSA-gj6h-73c5-xw6f • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2024-49389
https://notcve.org/view.php?id=CVE-2024-49389
Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-5319 • CWE-276: Incorrect Default Permissions •
CVSS: 7.3EPSS: %CPEs: 1EXPL: 0CVE-2024-49390
https://notcve.org/view.php?id=CVE-2024-49390
Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-5845 • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.7EPSS: %CPEs: 1EXPL: 0CVE-2024-49391
https://notcve.org/view.php?id=CVE-2024-49391
Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7220 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-45710 – SolarWinds Platform Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-45710
SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. • https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45710 • CWE-427: Uncontrolled Search Path Element •