D1Iv3

Name of the Vulnerable Software and Affected Versions: Windows NTLM (affected versions not specified) Description: Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified) Description: The issue is related to insufficient access control in the DCOM Remote Cross-Session Activation component of the Windows operating system. This can be exploited by a remote attacker to elevate their privileges. The vulnerability is associated with improper access control, as indicated by CWE. It may also be related to Active Directory Certificate Services and Active Directory Domain Services. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange Server (affected versions not specified) **Description** The issue is related to insufficient access controls in Microsoft Exchange Server, which can be exploited by a remote attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange Server (affected versions not specified) **Description** The issue is related to insufficient access controls in Microsoft Exchange Server, allowing a remote attacker to elevate their privileges. This can impact the system, potentially leading to unauthorized access or control. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange Server (affected versions not specified) **Description** The issue is related to insufficient access controls in Microsoft Exchange Server, which can be exploited by a remote attacker to elevate their privileges. This can affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 91.0.4472.77 **Description** The issue is related to insufficient policy enforcement in the Content Security Policy component of Google Chrome, allowing a remote attacker to bypass content security policy via a specially crafted HTML page. This could potentially impact data integrity. **Recommendations** For versions prior to 91.0.4472.77, update to version 91.0.4472.77 or later to resolve the issue. As a temporary workaround, consider restricting access to untrusted HTML pages to minimize the risk of exploitation.