CVE-2021-31962 – Kerberos AppContainer Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-31962
Kerberos AppContainer Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad en Kerberos AppContainer Kerberos supports a security buffer to set the target SPN of a ticket bypassing the SPN check in LSASS. • http://packetstormsecurity.com/files/163206/Windows-Kerberos-AppContainer-Enterprise-Authentication-Capability-Bypass.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31962 •
CVE-2021-31958 – Windows NTLM Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31958
Windows NTLM Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows NTLM • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31958 • CWE-294: Authentication Bypass by Capture-replay •
CVE-2021-31956 – Microsoft Windows NTFS Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-31956
Windows NTFS Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows NTFS Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application. • https://github.com/aazhuliang/CVE-2021-31956-EXP https://github.com/Y3A/CVE-2021-31956 https://github.com/hoangprod/CVE-2021-31956-POC https://github.com/hzshang/CVE-2021-31956 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31956 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2021-28437 – Windows Installer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-28437
Windows Installer Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows Installer • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28437 •
CVE-2021-28350 – Windows GDI+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28350
Windows GDI+ Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de GDI+ de Windows. Este ID de CVE es diferente de CVE-2021-28348, CVE-2021-28349 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28350 •