CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36928 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-36928
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Microsoft Edge (basado en Chromium). Este ID de CVE es diferente de CVE-2021-36931. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Edge. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within Edge Installer. By creating a directory junction, an attacker can abuse Edge Installer to delete a file. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36928 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33741 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-33741
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Microsoft Edge (basado en Chromium) • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33741 •
CVSS: 8.8EPSS: 5%CPEs: 28EXPL: 1CVE-2021-26411 – Microsoft Internet Explorer Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2021-26411
Internet Explorer Memory Corruption Vulnerability Una Vulnerabilidad de Corrupción de la Memoria de Internet Explorer Microsoft Internet Explorer contains an unspecified vulnerability that allows for memory corruption. • https://github.com/CrackerCat/CVE-2021-26411 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26411 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 39EXPL: 0CVE-2021-25252
https://notcve.org/view.php?id=CVE-2021-25252
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. La API Virus Scan (VSAPI) y el Advanced Threat Scan Engine (ATSE) de Trend Micro, son susceptibles a una vulnerabilidad de agotamiento de la memoria que puede conllevar a una denegación de servicio o a un congelamiento del sistema si es explotada por un atacante usando un archivo especialmente diseñado • https://success.trendmicro.com/solution/000285675 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-24113 – Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-24113
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de la Característica de Seguridad de Microsoft Edge (basada en Chromium) • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24113 •