2 matches found
CVE-2021-26414
CVE-2021-26414 is a Windows DCOM Server Security Feature Bypass. Connected docs confirm a DCOM hardening series (phase 3) and note mitigations: after applying relevant updates, DCOM hardening changes are permanent and cannot be disabled via registry. Microsoft guidance recommends enabling DCOM au...
CVE-2021-40454
CVE-2021-40454 is an information-disclosure vulnerability in the Rich Text Edit Control used by Microsoft Office. The issue is documented as a local, low-complexity disclosure that can impact confidentiality (CVE-2021-40454) with a MEDIUM overall severity (CVSS v3.1 base score 5.5). The connected...