Page 9 of 213 results (0.036 seconds)

CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 1

CVE-2021-36955 – Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2021-36955

Windows Common Log File System Driver Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Windows Common Log File System Driver. Este CVE ID es diferente de CVE-2021-36963, CVE-2021-38633 Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/JiaJinRong12138/CVE-2021-36955-EXP https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36955 •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2

CVE-2021-32537 – Realtek High definition audio Windows driver crashed

https://notcve.org/view.php?id=CVE-2021-32537

Realtek HAD contains a driver crashed vulnerability which allows local side attackers to send a special string to the kernel driver in a user’s mode. Due to unexpected commands, the kernel driver will cause the system crashed. • https://github.com/0vercl0k/CVE-2021-32537 http://packetstormsecurity.com/files/163498/Realtek-RTKVHD64.sys-Out-Of-Bounds-Access.html https://www.twcert.org.tw/tw/cp-132-4813-7b578-1.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.4EPSS: 0%CPEs: 17EXPL: 1

CVE-2021-28447 – Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2021-28447

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad de Early Launch Antimalware Driver de Windows. • https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28447 •

CVSS: 4.4EPSS: 0%CPEs: 16EXPL: 1

CVE-2021-27094 – Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2021-27094

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Característica de Seguridad en Windows Early Launch Antimalware Driver. • https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27094 •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2

CVE-2021-28927

https://notcve.org/view.php?id=CVE-2021-28927

The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection using specially a crafted file and directory names. El motor de text-to-speech en libretro RetroArch para Windows versión 1.9.0 pasa la entrada no saneada a PowerShell mediante el archivo platform_win32.c por medio de la función accessibility_speak_windows, que permite a atacantes que presentan acceso de escritura en los sistemas de archivos que usa RetroArch para ejecutar código por medio de la inyección de comandos usando especialmente un nombres de archivos y directorios diseñados • http://libretro.com http://retroarch.com https://github.com/libretro/RetroArch/blob/d3dc3ee989ec6a4903c689907ffc47027f71f776/frontend/drivers/platform_win32.c https://labs.bishopfox.com/advisories/retroarch-for-windows-version-1.9.0 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •