CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-31187 – Windows WalletService Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31187
11 May 2021 — Windows WalletService Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios de Windows WalletService This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within WalletService. By creating a directory junction, an attacker can abuse the service to create a file in ... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31187 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31185 – Windows Desktop Bridge Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-31185
11 May 2021 — Windows Desktop Bridge Denial of Service Vulnerability Una vulnerabilidad de denegación de servicio de Windows Desktop Bridge • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31185 •
CVSS: 7.4EPSS: 30%CPEs: 19EXPL: 0CVE-2021-31186 – Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-31186
11 May 2021 — Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows Remote Desktop Protocol (RDP) • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31186 •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 1CVE-2021-31184 – Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-31184
11 May 2021 — Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Microsoft Windows Infrared Data Association (IrDA) • https://github.com/waleedassar/CVE-2021-31184 •
CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0CVE-2021-31182 – Microsoft Bluetooth Driver Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-31182
11 May 2021 — Microsoft Bluetooth Driver Spoofing Vulnerability Una vulnerabilidad de Suplantación de Identidad del controlador Microsoft Bluetooth • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31182 •
CVSS: 8.8EPSS: 87%CPEs: 9EXPL: 0CVE-2021-31170 – Windows Graphics Component Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31170
11 May 2021 — Windows Graphics Component Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios de Windows Graphics Component. Este ID de CVE es diferente de CVE-2021-31188 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Palette objects. The issue res... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31170 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-31169 – Windows Container Manager Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31169
11 May 2021 — Windows Container Manager Service Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios de Windows Container Manager Service. Este ID de CVE es diferente de CVE-2021-31165, CVE-2021-31167, CVE-2021-31168, CVE-2021-31208 The Container Manager Service creates an AppContainer process without impersonating the access token leading to privilege escalation. • https://packetstorm.news/files/id/162557 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-31168 – Windows Container Manager Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31168
11 May 2021 — Windows Container Manager Service Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios del servicio de Windows Container Manager. Este ID de CVE es diferente de CVE-2021-31165, CVE-2021-31167, CVE-2021-31169, CVE-2021-31208 The Container Manager Service does not impersonate the caller when granting access to virtual disk images leading to privilege escalation. • https://packetstorm.news/files/id/162556 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2021-31167 – Windows Container Manager Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31167
11 May 2021 — Windows Container Manager Service Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios del servicio de Windows Container Manager. Este ID de CVE es diferente de CVE-2021-31165, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208 The Container Manager Service does not configure STORVSP correctly when opening mapped named pipes leading to privilege escalation. • https://packetstorm.news/files/id/162559 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-31165 – Windows Container Manager Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31165
11 May 2021 — Windows Container Manager Service Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios del servicio de Windows Container Manager Este ID de CVE es diferente de CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208 The Container Manager Service accepts an access token provided by the user without verification allowing an arbitrary process to be created with another user identity leading to privilege escalation. • https://packetstorm.news/files/id/162555 • CWE-863: Incorrect Authorization •