A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
See details on Microsoft Advisory CVE-2021-34527 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527)
Multiple Vulnerabilities in mbConnect24serv (a software service of mbDIALUP) can lead to arbitrary code execution due to improper privilege management.
Update A, 2021-11-24
Update B, 2022-03-28
Two vulnerabilities in mbCONNECT24 and mymbCONNECT24 can lead to information disclosure and arbitrary code execution.
Please consult the CVE entries for details.