CVSS: 8.8EPSS: 3%CPEs: 9EXPL: 0CVE-2021-26876 – OpenType Font Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26876
OpenType Font Parsing Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de OpenType Font Parsing • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26876 •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-26875 – Windows Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26875
Windows Win32k Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Windows Win32k. Este ID de CVE es diferente de CVE-2021-26863, CVE-2021-26900, CVE-2021-27077 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26875 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-26874 – Windows Overlay Filter Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26874
Windows Overlay Filter Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Overlay Filter de Windows • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26874 •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-26873 – Windows User Profile Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26873
Windows User Profile Service Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del User Profile Service de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the User Profile Service. By creating a directory junction, an attacker can abuse the service to create a second junction in a sensitive location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26873 https://www.zerodayinitiative.com/advisories/ZDI-21-283 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-26872 – Windows Event Tracing Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26872
Windows Event Tracing Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Event Tracing de Windows. Este ID de CVE es diferente de CVE-2021-26898, CVE-2021-26901 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26872 •