CVE-2021-40478 – Storage Spaces Controller Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-40478
Este ID de CVE es diferente de CVE-2021-26441, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40478 https://www.zerodayinitiative.com/advisories/ZDI-21-1155 • CWE-269: Improper Privilege Management •
CVE-2021-40449 – Microsoft Windows Win32k Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-40449
Este ID de CVE es diferente de CVE-2021-40450, CVE-2021-41357 Unspecified vulnerability allows for an authenticated user to escalate privileges. • https://github.com/KaLendsi/CVE-2021-40449-Exploit https://github.com/hakivvi/CVE-2021-40449 https://github.com/BL0odz/CVE-2021-40449-NtGdiResetDC-UAF https://github.com/toanthang1842002/CVE-2021-40449 http://packetstormsecurity.com/files/164926/Win32k-NtGdiResetDC-Use-After-Free-Local-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40449 - • CWE-416: Use After Free •
CVE-2021-26441 – Storage Spaces Controller Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26441
Este ID de CVE es diferente de CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26441 https://www.zerodayinitiative.com/advisories/ZDI-21-1157 • CWE-269: Improper Privilege Management •
CVE-2021-34866 – Linux Kernel eBPF Type Confusion Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-34866
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. ... This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. • https://security.netapp.com/advisory/ntap-20220217-0008 https://www.zerodayinitiative.com/advisories/ZDI-21-1148 https://access.redhat.com/security/cve/CVE-2021-34866 https://bugzilla.redhat.com/show_bug.cgi?id=2000457 • CWE-697: Incorrect Comparison CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2021-29645
https://notcve.org/view.php?id=CVE-2021-29645
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 calls the SendMessageTimeoutW API with arbitrary arguments via a local pipe, leading to a local privilege escalation vulnerability. • https://www.hitachi.com/hirt/security/index.html •