Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2021-24093

Published: 25/02/2021 Updated: 29/12/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Windows Server 2016

Vulnerability Summary

Windows Graphics Component Remote Code Execution Vulnerability

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2016

microsoft windows 10 1607

microsoft windows 10 1803

microsoft windows server 2019 -

microsoft windows 10 1809

microsoft windows server 2016 1909

microsoft windows 10 1909

microsoft windows 10 2004

microsoft windows server 2016 2004

microsoft windows 10 20h2

microsoft windows server 2016 20h2

Github Repositories

https://github.com/xm88628/AfternoonTea

Store some the articles of collected

AfternoonTea Store some the articles of collected Setting Up a Kernel Debugging Environment pwningsystems/posts/setting-up-a-kernel-debugging-environment/ 2[web]SAML XML Injection researchnccgroupcom/2021/03/29/saml-xml-injection/ 3Debugging System with DCI and Windbg standa-noteblogspotcom/2021/03/debugging-system-with-dci-and-windbghtml 4CVE

Recent Articles

Microsoft Patch Tuesday gaffe leads netizens to 'Microosft' typo-squatting domain
The Register • Thomas Claburn in San Francisco • 09 Feb 2021

That aside, enjoy the light load of 56 vulns in Windows and other code Rubbish software security patches responsible for a quarter of zero-days last year

Patch Tuesday For its February Patch Day, Microsoft released security advisories covering 56 CVE-assigned vulnerabilities, 11 of them rated critical. In doing so, the Windows giant managed to publish a misspelled URL on the landing page for its February updates that instead of taking visitors to the intended Microsoft Security Response Center post about API changes, pointed to msrc-blog.microosft.com, which turns out to be a typo-bait domain. It redirects visitors to a findanswersnow.net search ...

Read more...

References

NVD-CWE-noinfohttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24093http://packetstormsecurity.com/files/161582/Microsoft-DirectWrite-fsg_ExecuteGlyph-Buffer-Overflow.htmlhttps://nvd.nist.govhttps://github.com/xm88628/AfternoonTeahttps://www.theregister.co.uk/2021/02/09/microsoft_patch_tuesday/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook