CVE-2024-36513

HIGH Year: 2024
CVSS v3 Score
8.8
High
Weakness Type
CWE-270
View all →

Vulnerability Description

A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.

Related Vulnerabilities

CVE-2023-37912

HIGH
CVSS:8.8(High)

XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. Prior to version 14.10.6 of `org.xwiki.platform:xwiki-core-rendering-macro-footnotes` a...

CWE-2702023

CVE-2024-8641

HIGH
CVSS:8.8(High)

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attac...

CWE-2702024

CVE-2024-11263

HIGH
CVSS:8.4(High)

When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesse...

CWE-2702024

CVE-2024-46975

HIGH
CVSS:7.9(High)

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data into another Guest's virtualised GPU memory.

CWE-2702024

CVE-2023-25754

CRITICAL
CVSS:9.8(Critical)

Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0.

CWE-2702023

CVE-2017-2663

HIGH
CVSS:7.8(High)

It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local at...

CWE-2702017