Page 107 of 2398 results (0.015 seconds)

CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0

CVE-2021-28479 – Windows CSC Service Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2021-28479

Windows CSC Service Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows CSC Service • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28479 •

CVSS: 8.8EPSS: 1%CPEs: 23EXPL: 0

CVE-2021-28455 – Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2021-28455

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Jet Red Database Engine y Access Connectivity Engine • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28455 •

CVSS: 7.6EPSS: 93%CPEs: 19EXPL: 1

CVE-2021-26419 – Scripting Engine Memory Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2021-26419

Scripting Engine Memory Corruption Vulnerability Una vulnerabilidad de Corrupción de la Memoria del Motor de Scripting There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing an attacker-controlled website in Internet Explorer. The vulnerability has been confirmed on Windows 10 64-bit with the latest security patches applied. • http://packetstormsecurity.com/files/162570/Internet-Explorer-jscript9.dll-Memory-Corruption.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26419 • CWE-787: Out-of-bounds Write •

CVSS: 4.3EPSS: 0%CPEs: 385EXPL: 1

CVE-2020-24588 – kernel: wifi frame payload being parsed incorrectly as an L2 frame

https://notcve.org/view.php?id=CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. El estándar 802.11 que sustenta a Wi-Fi Protected Access (WPA, WPA2, y WPA3) y Wired Equivalent Privacy (WEP) no requiere que el flag A-MSDU en el campo de encabezado QoS de texto plano esté autenticada. Contra dispositivos que admiten la recepción de tramas A-MSDU que no son SSP (que es obligatorio como parte de 802.11n), un adversario puede abusar de esto para inyectar paquetes de red arbitrarios A flaw was found in the Linux kernels wifi implementation. An attacker within wireless broadcast range can inject custom data into the wireless communication circumventing checks on the data. • http://www.openwall.com/lists/oss-security/2021/05/11/12 https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu https: • CWE-20: Improper Input Validation CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 4.4EPSS: 0%CPEs: 17EXPL: 1

CVE-2021-28447 – Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2021-28447

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad de Early Launch Antimalware Driver de Windows. Este ID de CVE es diferente de CVE-2021-27094 • https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28447 •