CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2021-1683 – Windows Bluetooth Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1683
Windows Bluetooth Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de la Característica de Seguridad de Windows Bluetooth. Este ID de CVE es diferente de CVE-2021-1638, CVE-2021-1684 Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1683 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1683 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-1682 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1682
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Kernel de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of Event Tracing for Windows. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated data structure. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1682 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1682 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-1680 – Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1680
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Diagnostics Hub Standard Collector. Este ID de CVE es diferente de CVE-2021-1651 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1680 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1680 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2021-1679 – Windows CryptoAPI Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1679
Windows CryptoAPI Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio de Windows CryptoAPI • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1679 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1679 •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-1678 – Windows Print Spooler Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-1678
Windows Print Spooler Spoofing Vulnerability Una Vulnerabilidad de Omisión de la Funcionalidad de NTLM Security • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1678 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1678 •