CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-1682 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1682
Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Kernel de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of Event Tracing for Windows. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated data structure. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1682 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1682 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-1681 – Windows WalletService Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1681
Windows WalletService Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Windows WalletService. Este ID de CVE es diferente de CVE-2021-1686, CVE-2021-1687, CVE-2021-1690 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1681 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1681 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2021-1679 – Windows CryptoAPI Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1679
Windows CryptoAPI Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio de Windows CryptoAPI • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1679 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1679 •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-1680 – Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1680
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Diagnostics Hub Standard Collector. Este ID de CVE es diferente de CVE-2021-1651 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1680 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1680 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-1678 – Windows Print Spooler Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-1678
Windows Print Spooler Spoofing Vulnerability Una Vulnerabilidad de Omisión de la Funcionalidad de NTLM Security • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1678 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1678 •