CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2021-1637 – Windows DNS Query Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1637
Windows DNS Query Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de consultas DNS de Windows • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1637 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1637 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2021-1648 – Microsoft splwow64 Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1648
Microsoft splwow64 Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Microsoft splwow64 This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode printer driver host process splwow64.exe. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges from low integrity and execute code in the context of the current user at medium integrity. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1648 https://www.zerodayinitiative.com/advisories/ZDI-21-504 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1648 • CWE-269: Improper Privilege Management •
CVSS: 8.1EPSS: 0%CPEs: 33EXPL: 0CVE-2020-17140 – Windows SMB Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-17140
Windows SMB Information Disclosure Vulnerability Vulnerabilidad de divulgación de información en Windows SMB • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17140 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-17137 – DirectX Graphics Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17137
DirectX Graphics Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en el núcleo de gráficos DirectX • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17137 •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0CVE-2020-17098 – Windows GDI+ Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-17098
Windows GDI+ Information Disclosure Vulnerability Vulnerabilidad de divulgación de información en Windows GDI+ de Microsoft • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17098 •