CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 1CVE-2021-31970 – Windows TCP/IP Driver Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-31970
08 Jun 2021 — Windows TCP/IP Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad en Windows TCP/IP Driver The Windows Filtering Platform does not verify the token impersonation level when checking filters allowing the bypass of firewall rules leading to elevation of privilege. • http://packetstormsecurity.com/files/163256/Microsoft-Windows-Filtering-Platform-Token-Access-Check-Privilege-Escalation.html • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 4.4EPSS: 0%CPEs: 17EXPL: 1CVE-2021-28447 – Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-28447
13 Apr 2021 — Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad de Early Launch Antimalware Driver de Windows. • https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66 •
CVSS: 4.4EPSS: 0%CPEs: 16EXPL: 1CVE-2021-27094 – Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-27094
13 Apr 2021 — Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad en Windows Early Launch Antimalware Driver. • https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2021-28927
https://notcve.org/view.php?id=CVE-2021-28927
07 Apr 2021 — The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection using specially a crafted file and directory names. El motor de text-to-speech en libretro RetroArch para Windows versión 1.9.0 pasa la entrada no saneada a PowerShell mediante el archivo platform_... • https://github.com/libretro/RetroArch/blob/d3dc3ee989ec6a4903c689907ffc47027f71f776/frontend/drivers/platform_win32.c • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 2%CPEs: 9EXPL: 1CVE-2021-24098 – Windows Console Driver Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-24098
25 Feb 2021 — Windows Console Driver Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio del Console Driver de Windows • https://github.com/waleedassar/CVE-2021-24098 •
CVSS: 5.5EPSS: 4%CPEs: 18EXPL: 1CVE-2021-1656 – TPM Device Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1656
12 Jan 2021 — TPM Device Driver Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información del TPM Device Driver • https://github.com/waleedassar/CVE-2021-1656 •
CVSS: 7.8EPSS: 1%CPEs: 15EXPL: 1CVE-2021-1648 – Microsoft splwow64 Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1648
15 Dec 2020 — Microsoft splwow64 Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Microsoft splwow64 This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode printer driver host process splwow64.exe. • https://packetstorm.news/files/id/160698 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 1CVE-2020-17134 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17134
09 Dec 2020 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17103, CVE-2020-17136 The Microsoft Windows Cloud Filter access check does not take into account restrictions such as Mandatory Labels allowing a user to bypass security checks. • https://packetstorm.news/files/id/160426 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 1CVE-2020-17139 – Windows Overlay Filter Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-17139
09 Dec 2020 — Windows Overlay Filter Security Feature Bypass Vulnerability Vulnerabilidad de la función de seguridad del filtro de superposición de Windows The Microsoft Windows WOF filter driver does not correctly handle the reparse point setting which allows for an arbitrary file to be cached signed leading to a bypass of UMCI. • https://packetstorm.news/files/id/160428 •
CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 1CVE-2020-17103 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17103
09 Dec 2020 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17134, CVE-2020-17136 The Microsoft Windows Cloud Filter HsmOsBlockPlaceholderAccess function allows a user to create arbitrary registry keys in the .DEFAULT users hive leading to elevation of privilege. • https://packetstorm.news/files/id/160427 •