Page 91 of 1548 results (0.007 seconds)

CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0

Windows NTLM Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows NTLM • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31958 • CWE-294: Authentication Bypass by Capture-replay •

CVSS: 5.5EPSS: 1%CPEs: 8EXPL: 1

Windows Kernel Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Windows Kernel Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process. • https://github.com/freeide/CVE-2021-31955-POC https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31955 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 4

Windows NTFS Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows NTFS Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application. • https://github.com/aazhuliang/CVE-2021-31956-EXP https://github.com/Y3A/CVE-2021-31956 https://github.com/hoangprod/CVE-2021-31956-POC https://github.com/hzshang/CVE-2021-31956 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31956 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0

Windows Common Log File System Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows Common Log File System Driver This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the clfs.sys driver. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31954 https://www.zerodayinitiative.com/advisories/ZDI-21-668 • CWE-122: Heap-based Buffer Overflow CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios en Windows Kernel-Mode Driver • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31952 •