CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-26870 – Windows Projected File System Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26870
Windows Projected File System Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios Proyectada en el Windows Projected File System • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26870 •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2021-26869 – Windows ActiveX Installer Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-26869
Windows ActiveX Installer Service Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información del ActiveX Installer Service de Windows • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26869 •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 1CVE-2021-26868 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26868
Windows Graphics Component Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Graphics Component de Windows • https://github.com/KangD1W2/CVE-2021-26868 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26868 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.9EPSS: 2%CPEs: 6EXPL: 0CVE-2021-26867 – Windows Hyper-V Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26867
Windows Hyper-V Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Windows Hyper-V • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26867 •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0CVE-2021-26866 – Windows Update Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26866
Windows Update Service Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios del Update Service de Windows This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within Windows Update Agent. By creating a directory junction, an attacker can abuse Windows Update Agent to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26866 https://www.zerodayinitiative.com/advisories/ZDI-21-286 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •