CVSS: 5.4EPSS: 0%CPEs: 12EXPL: 0CVE-2022-41091 – Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-41091
Windows Mark of the Web Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad web de Windows Mark Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41091 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-41073 – Microsoft Windows Print Spooler Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-41073
Windows Print Spooler Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en la Cola de Impresión de Windows Windows still suffers from issues related to the replacement of the system drive letter during impersonation. This can be abused to trick privilege processes to load configuration files and other resources from untrusted locations leading to elevation of privilege. Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges. • http://packetstormsecurity.com/files/174528/Microsoft-Windows-Privilege-Escalation.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41073 • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 96%CPEs: 19EXPL: 16CVE-2021-34527 – Microsoft Windows Print Spooler Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34527
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. • https://github.com/JohnHammond/CVE-2021-34527 https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527 https://github.com/m8sec/CVE-2021-34527 https://github.com/CnOxx1/CVE-2021-34527-1675 https://github.com/DenizSe/CVE-2021-34527 https://github.com/galoget/PrintNightmare-CVE-2021-1675-CVE-2021-34527 https://github.com/dywhoami/CVE-2021-34527-Scanner-Based-On-cube0x0-POC https://github.com/whoami-chmod777/CVE-2021-1675-CVE-2021-34527 https://github.com/cyb3rpeace/CVE-2021-345 • CWE-269: Improper Privilege Management •