Total
757 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-22379 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) Inspector software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-22346 | 1 Ibm | 1 I | 2024-11-21 | N/A | 8.4 HIGH |
Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203. | |||||
CVE-2024-22167 | 2024-11-21 | N/A | 7.9 HIGH | ||
A potential DLL hijacking vulnerability in the SanDisk PrivateAccess application for Windows that could lead to arbitrary code execution in the context of the system user. This vulnerability is only exploitable locally if an attacker has access to a copy of the user's vault or has already gained access into a user's system. This attack is limited to the system in context and cannot be propagated. | |||||
CVE-2024-21862 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21861 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21843 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path for some Intel(R) Computing Improvement Program software before version 2.4.0.10654 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21841 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path for some Intel(R) Distribution for GDB software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21837 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21831 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) Processor Diagnostic Tool software before version 4.1.9.41 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21818 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) PCM software before version 202311 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21814 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path for some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21788 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) GPA software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21777 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21774 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) Processor Identification Utility software before versions 6.10.34.1129, 7.1.6 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-21772 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) Advisor software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-20338 | 2024-11-21 | N/A | 7.3 HIGH | ||
A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges. | |||||
CVE-2024-1595 | 2024-11-21 | N/A | 7.8 HIGH | ||
Delta Electronics CNCSoft-B DOPSoft prior to v4.0.0.82 insecurely loads libraries, which may allow an attacker to use DLL hijacking and take over the system where the software is installed. | |||||
CVE-2024-1182 | 2024-11-21 | N/A | 7.0 HIGH | ||
Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi Electric GENESIS64 all versions and Mitsubishi Electric MC Works64 all versions allows a local attacker to execute a malicious code by storing a specially crafted DLL in a specific folder when GENESIS64 and MC Works64 are installed with the Pager agent in the alarm multi-agent notification feature. | |||||
CVE-2024-0980 | 2024-11-21 | N/A | 7.1 HIGH | ||
The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code. | |||||
CVE-2024-0670 | 2024-11-21 | N/A | 8.8 HIGH | ||
Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges |