CVSS: 8.8EPSS: 1%CPEs: 23EXPL: 0CVE-2021-28455 – Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28455
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Jet Red Database Engine y Access Connectivity Engine • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28455 •
CVSS: 8.8EPSS: 3%CPEs: 9EXPL: 0CVE-2021-26876 – OpenType Font Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26876
OpenType Font Parsing Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de OpenType Font Parsing • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26876 •
CVSS: 8.0EPSS: 0%CPEs: 23EXPL: 0CVE-2021-1726 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-1726
Microsoft SharePoint Server Spoofing Vulnerability Una Vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1726 •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2020-16949 – Microsoft Outlook Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-16949
<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.</p> <p>Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.</p> Se presenta una vulnerabilidad de denegación de servicio en el software Microsoft Outlook cuando el software presenta un fallo al manejar apropiadamente objetos en memoria, también se conoce como "Microsoft Outlook Denial of Service Vulnerability" • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16949 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 28EXPL: 0CVE-2020-16933 – Microsoft Word Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-16933
<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.</p> <p>To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16933 •