CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2021-28479 – Windows CSC Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-28479
11 May 2021 — Windows CSC Service Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows CSC Service • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28479 •
CVSS: 9.9EPSS: 15%CPEs: 18EXPL: 6CVE-2021-28476 – Windows Hyper-V Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28476
11 May 2021 — Windows Hyper-V Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Hyper-V • https://packetstorm.news/files/id/163497 •
CVSS: 8.8EPSS: 2%CPEs: 23EXPL: 0CVE-2021-28455 – Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28455
11 May 2021 — Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Jet Red Database Engine y Access Connectivity Engine • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28455 •
CVSS: 7.6EPSS: 93%CPEs: 19EXPL: 2CVE-2021-26419 – Scripting Engine Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2021-26419
11 May 2021 — Scripting Engine Memory Corruption Vulnerability Una vulnerabilidad de Corrupción de la Memoria del Motor de Scripting There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing an attacker-controlled website in Internet Explorer. The vulnerability has been confirmed on Windows 10 64-bit with the latest security patches applied. • https://packetstorm.news/files/id/162570 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 385EXPL: 1CVE-2020-24588 – kernel: wifi frame payload being parsed incorrectly as an L2 frame
https://notcve.org/view.php?id=CVE-2020-24588
11 May 2021 — The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. El estándar 802.11 que sustenta a Wi-Fi Protected Access (WPA, WPA2, y WPA3) y Wired Equivalent Privacy (WEP) no requiere que el flag A-MSDU ... • http://www.openwall.com/lists/oss-security/2021/05/11/12 • CWE-20: Improper Input Validation CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 4.4EPSS: 0%CPEs: 17EXPL: 1CVE-2021-28447 – Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-28447
13 Apr 2021 — Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad de Early Launch Antimalware Driver de Windows. Este ID de CVE es diferente de CVE-2021-27094 • https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66 •
CVSS: 7.1EPSS: 0%CPEs: 19EXPL: 0CVE-2021-28446 – Windows Portmapping Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-28446
13 Apr 2021 — Windows Portmapping Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows Portmapping • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28446 •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2021-28444 – Windows Hyper-V Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-28444
13 Apr 2021 — Windows Hyper-V Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la característica de seguridad de Hyper-V de Windows • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28444 •
CVSS: 8.8EPSS: 2%CPEs: 17EXPL: 0CVE-2021-28445 – Windows Network File System Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28445
13 Apr 2021 — Windows Network File System Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota del Network File System de Windows • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28445 •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2021-28443 – Windows Console Driver Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-28443
13 Apr 2021 — Windows Console Driver Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio del controlador de la consola de Windows. Este ID de CVE es diferente de CVE-2021-28438 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28443 •