CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-1640 – Windows Print Spooler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1640
Windows Print Spooler Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Print Spooler de Windows. Este ID de CVE es diferente de CVE-2021-26878 This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler service. By creating a directory junction, an attacker can abuse the Print Spooler service to delete a file. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1640 https://www.zerodayinitiative.com/advisories/ZDI-21-493 • CWE-269: Improper Privilege Management •
CVSS: 8.4EPSS: 0%CPEs: 12EXPL: 0CVE-2021-26864 – Windows Virtual Registry Provider Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26864
Windows Virtual Registry Provider Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Virtual Registry Provider de Windows Microsoft Windows Containers Host Registry Virtual Registry Provider does not correctly handle relative opens leading to a process in a server silo being able to access the host registry leading to elevation of privilege. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26864 •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-26891 – Windows Container Execution Agent Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26891
Windows Container Execution Agent Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Container Execution Agent de Windows. Este ID de CVE es diferente de CVE-2021-26865 The standard user ContainerUser in a Windows Container has elevated privileges and High integrity level which results in making it administrator equivalent even though it should be a restricted user. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26891 •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2021-26865 – Windows Container Execution Agent Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26865
Windows Container Execution Agent Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Container Execution Agent de Windows. Este ID de CVE es diferente de CVE-2021-26891 Microsoft Windows has an issue with containers where the kernel incorrectly chooses the wrong silo when looking up the root object manager directory leading to elevation of privilege. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26865 •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-25195 – Windows PKU2U Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-25195
Windows PKU2U Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de PKU2U de Windows • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-25195 •