CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-42291 – Active Directory Domain Services Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-42291
Active Directory Domain Services Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Active Directory Domain Services. Este ID de CVE es diferente de CVE-2021-42278, CVE-2021-42282, CVE-2021-42287 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42291 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8422
https://notcve.org/view.php?id=CVE-2018-8422
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8424. Existe una vulnerabilidad de divulgación de información cuando el componente Windows GDI no muestra correctamente los contenidos de su memoria. Esto también se conoce como "Windows GDI Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/105357 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8422 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 16%CPEs: 16EXPL: 1CVE-2018-8420 – Microsoft Windows VBScript Class_Terminate MSXML6 Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8420
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. Existe una vulnerabilidad de ejecución remota de código cuando el analizador Microsoft XML Core Services MSXML procesa las entradas de usuario. Esto también se conoce como "MS XML Remote Code Execution Vulnerability". Esto afecta a Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10 y Windows 10 Servers. • https://github.com/idkwim/CVE-2018-8420 http://www.securityfocus.com/bid/105259 http://www.securitytracker.com/id/1041627 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8420 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2018-8470
https://notcve.org/view.php?id=CVE-2018-8470
A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11. Existe una vulnerabilidad de omisión de la característica de seguridad en Internet Explorer debido a la forma en la que se gestionan los scripts que permite una condición de Cross-Site Scripting Universal (UXSS). Esto también se conoce como "Internet Explorer Security Feature Bypass Vulnerability". Esto afecta a Internet Explorer 11. • http://www.securityfocus.com/bid/105267 http://www.securitytracker.com/id/1041632 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8470 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 19%CPEs: 18EXPL: 0CVE-2018-8332
https://notcve.org/view.php?id=CVE-2018-8332
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. Existe una vulnerabilidad de ejecución remota de código cuando la biblioteca de fuentes de Windows gestiona fuentes embebidas especialmente manipuladas. Esto también se conoce como "Win32k Graphics Remote Code Execution Vulnerability". Esto afecta a Windows 7, Microsoft Office, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10 y Windows 10 Servers. • http://www.securityfocus.com/bid/105248 http://www.securitytracker.com/id/1041628 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8332 •