CVE-2021-3146
https://notcve.org/view.php?id=CVE-2021-3146
The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges. El servicio de API Dolby Audio X2 (DAX2) versiones anteriores a 0.8.8.90 en Windows permite a los usuarios locales obtener privilegios • https://professional.dolby.com/siteassets/pdfs/dolby-dax2-security-advisory-2021-04-07.pdf • CWE-426: Untrusted Search Path •
CVE-2021-26857 – Microsoft Exchange Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26857
Microsoft Exchange Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de código remota de Microsoft Exchange Server. Este ID de CVE es diferente de CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078 Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26857 • CWE-502: Deserialization of Untrusted Data •
CVE-2020-17144 – Microsoft Exchange Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17144
Microsoft Exchange Remote Code Execution Vulnerability Vulnerabilidad de ejecución de código remota en Microsoft Exchange Este ID de CVE es diferente de CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142 Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution. • https://github.com/zcgonvh/CVE-2020-17144 https://github.com/Airboi/CVE-2020-17144-EXP https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17144 • CWE-502: Deserialization of Untrusted Data •
CVE-2020-0688 – Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-0688
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. Se presenta una vulnerabilidad de ejecución de código remota en el software Microsoft Exchange cuando el software no puede manejar apropiadamente los objetos en la memoria, también se conoce como "Microsoft Exchange Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the Exchange Control Panel web application. The product fails to generate a unique cryptographic key at installation, which can result in deserialization of untrusted data. • https://www.exploit-db.com/exploits/48168 https://www.exploit-db.com/exploits/48153 https://github.com/zcgonvh/CVE-2020-0688 https://github.com/Jumbo-WJB/CVE-2020-0688 https://github.com/onSec-fr/CVE-2020-0688-Scanner https://github.com/ravinacademy/CVE-2020-0688 https://github.com/MrTiz/CVE-2020-0688 https://github.com/youncyb/CVE-2020-0688 https://github.com/W01fh4cker/CVE-2020-0688-GUI https://github.com/righter83/CVE-2020-0688 https://github.com/ktpdpro • CWE-287: Improper Authentication •
CVE-2019-1136
https://notcve.org/view.php?id=CVE-2019-1136
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. Existe una vulnerabilidad de elevación de privilegios en Microsoft Exchange Server, también se conoce como "Microsoft Exchange Server Elevation of Privilege Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1136 •