CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 1CVE-2021-1656 – TPM Device Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1656
TPM Device Driver Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información del TPM Device Driver • https://github.com/waleedassar/CVE-2021-1656 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1656 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1656 •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 2CVE-2020-17136 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17136
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17103, CVE-2020-17134 The Microsoft Windows Cloud Filter driver can be abused to create arbitrary files and directories leading to elevation of privilege. • https://github.com/cssxn/CVE-2020-17136 https://github.com/xyddnljydd/CVE-2020-17136 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17136 https://bugs.chromium.org/p/project-zero/issues/detail?id=2082 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17136 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13634
https://notcve.org/view.php?id=CVE-2020-13634
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558 En Windows Master (también se conoce como Windows Optimization Master) versión 7.99.13.604, el archivo controlador (WoptiHWDetect.SYS) permite a usuarios locales causar una denegación de servicio (BSOD) o posiblemente tener otro impacto no especificado debido a que nocomprueba los valores de entrada de IOCtl 0xF1002558 • http://www.youhua.com https://github.com/y5s5k5/CVE-2020-13634 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 4CVE-2020-1054 – Microsoft Win32k Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-1054
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios en Windows cuando el controlador del modo kernel de Windows falla al manejar apropiadamente objetos en memoria, también se conoce como "Win32k Elevation of Privilege Vulnerability". ... Microsoft Win32k contains a privilege escalation vulnerability when the Windows kernel-mode driver fails to properly handle objects in memory. • https://github.com/KaLendsi/CVE-2020-1054 https://github.com/Iamgublin/CVE-2020-1054 https://github.com/Graham382/CVE-2020-1054 http://packetstormsecurity.com/files/160515/Microsoft-Windows-DrawIconEx-Local-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1054 https://cpr-zero.checkpoint.com/vulns/cprid-2153 https://0xeb-bp.com/blog/2020/06/15/cve-2020-1054-analysis.html https://github.com/DreamoneOnly/2020-1054/blob/master/x64_ • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 3CVE-2019-19363 – Ricoh Printer Drivers - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-19363
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version Se detectó un problema en los controladores de impresora de Windows de Ricoh (incluidos Savin y Lanier) antes del 2020, que permite a atacantes una escalada de privilegios locales. Los controladores y versiones afectados son: PCL6 Driver para Universal Print- Versión 4.0 o posterior, PS Driver para Universal Print - Versión 4.0 o posterior, PC FAX Generic Driver - Todas las versiones, Generic PCL5 Driver - Todas las versiones, RPCS Driver - Todas las versiones, PostScript3 Driver - Todas las versiones, PCL6 (PCL XL) Driver - todas las versiones, RPCS Raster Driver - todas las versiones. Ricoh printer drivers for Windows suffer from a local privilege escalation vulnerability due to insecure file permissions. • https://www.exploit-db.com/exploits/47962 https://www.exploit-db.com/exploits/48036 http://jvn.jp/en/jp/JVN15697526/index.html http://packetstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.html http://packetstormsecurity.com/files/156251/Ricoh-Driver-Privilege-Escalation.html http://seclists.org/fulldisclosure/2020/Jan/34 https://www.ricoh.com/info/2020/0122_1 • CWE-732: Incorrect Permission Assignment for Critical Resource •