CVSS: 8.8EPSS: 86%CPEs: 18EXPL: 0CVE-2021-34498 – Windows GDI Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-34498
Windows GDI Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows GDI This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of bitmap objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34498 https://www.zerodayinitiative.com/advisories/ZDI-21-825 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 18EXPL: 0CVE-2021-34497 – Windows MSHTML Platform Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34497
Windows MSHTML Platform Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Windows MSHTML Platform. Este ID de CVE es diferente de CVE-2021-34447 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34497 •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2021-34496 – Windows GDI Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-34496
Windows GDI Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows GDI • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34496 •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2021-34494 – Windows DNS Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34494
Windows DNS Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Windows DNS Server. Este ID de CVE es diferente de CVE-2021-33746, CVE-2021-33754, CVE-2021-33780, CVE-2021-34525 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34494 •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2021-34493 – Windows Partition Management Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-34493
Windows Partition Management Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios de Windows Partition Management Driver • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34493 • CWE-269: Improper Privilege Management •