CVSS: 9.0EPSS: 96%CPEs: 19EXPL: 16CVE-2021-34527 – Microsoft Windows Print Spooler Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34527
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. • https://github.com/JohnHammond/CVE-2021-34527 https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527 https://github.com/m8sec/CVE-2021-34527 https://github.com/CnOxx1/CVE-2021-34527-1675 https://github.com/DenizSe/CVE-2021-34527 https://github.com/galoget/PrintNightmare-CVE-2021-1675-CVE-2021-34527 https://github.com/dywhoami/CVE-2021-34527-Scanner-Based-On-cube0x0-POC https://github.com/whoami-chmod777/CVE-2021-1675-CVE-2021-34527 https://github.com/cyb3rpeace/CVE-2021-345 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-17759
https://notcve.org/view.php?id=CVE-2020-17759
An issue was found in the Evernote client for Windows 10, 7, and 2008 in the protocol handler. This enables attackers for arbitrary command execution if the user clicks on a specially crafted URL. AKA: WINNOTE-19941. Se encontró un problema en el cliente de Evernote para Windows versiones 10, 7 y 2008 en el manejador de protocolo. Esto permite a atacantes una ejecución de comandos arbitrarios si el usuario hace clic en una URL especialmente diseñada. • https://evernote.com/intl/zh-cn/security/updates • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 30%CPEs: 19EXPL: 0CVE-2021-33742 – Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-33742
Windows MSHTML Platform Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Windows MSHTML Platform Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33742 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-31973 – Windows GPSVC Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31973
Windows GPSVC Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows GPSVC • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31973 •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-31971 – Windows HTML Platforms Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-31971
Windows HTML Platforms Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad en Windows HTML Platform Security • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31971 •