CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2021-31954 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31954
Windows Common Log File System Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows Common Log File System Driver This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the clfs.sys driver. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31954 https://www.zerodayinitiative.com/advisories/ZDI-21-668 • CWE-122: Heap-based Buffer Overflow CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-31952 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31952
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows Kernel-Mode Driver • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31952 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-31951 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31951
Windows Kernel Elevation of Privilege Vulnerability Una vulnerabilidad en la Escalada de Privilegios en Windows Kernel • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31951 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31208 – Windows Container Manager Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31208
Windows Container Manager Service Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios del Windows Container Manager Service. Este ID de CVE es diferente de CVE-2021-31165, CVE-2021-31167, CVE-2021-31168, CVE-2021-31169 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31208 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31205 – Windows SMB Client Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-31205
Windows SMB Client Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad de Windows SMB Client • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31205 •