CVE-2021-3058 – PAN-OS: OS Command Injection Vulnerability in Web Interface XML API
https://notcve.org/view.php?id=CVE-2021-3058
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. • https://security.paloaltonetworks.com/CVE-2021-3058 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2021-31853 – MDE DLL Search Order Hijacking vulnerability
https://notcve.org/view.php?id=CVE-2021-31853
DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (MDE) prior to 7.3.0 HF2 (7.3.0.183) allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. • https://kc.mcafee.com/corporate/index?page=content&id=SB10374 • CWE-427: Uncontrolled Search Path Element •
CVE-2021-42280 – Windows Feedback Hub Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-42280
Windows Feedback Hub Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Feedback Hub This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42280 https://www.zerodayinitiative.com/advisories/ZDI-21-1307 • CWE-269: Improper Privilege Management •
CVE-2021-42277 – Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-42277
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Diagnostics Hub Standard Collector This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42277 https://www.zerodayinitiative.com/advisories/ZDI-21-1306 • CWE-269: Improper Privilege Management •
CVE-2021-41379 – Microsoft Windows Installer Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-41379
Windows Installer Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios del instalador de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41379 https://www.zerodayinitiative.com/advisories/ZDI-21-1308 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •