Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16896 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 5.0 MEDIUM | 7.5 HIGH |
| <p>An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.</p> <p>The update addresses the vulnerability by correcting how RDP handles connection requests.</p> | |||||
| CVE-2020-16895 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p> <p>The security update addresses the vulnerability by correcting how Windows Error Reporting manager handles process crashes.</p> | |||||
| CVE-2020-16894 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-31 | 6.8 MEDIUM | 7.7 HIGH |
| <p>A denial of service vulnerability exists when Windows Network Address Translation (NAT) on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.</p> <p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.</p> <p>The update addresses the vulnerability by modifying how Windows NAT accesses the host.</p> | |||||
| CVE-2020-16892 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-12-31 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory.</p> | |||||
| CVE-2020-16891 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2023-12-31 | 7.2 HIGH | 8.8 HIGH |
| <p>A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.</p> <p>An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.</p> <p>The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input.</p> | |||||
| CVE-2020-16890 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p> | |||||
| CVE-2020-16887 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Network Connections Service properly handles objects in memory.</p> | |||||
| CVE-2020-16885 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists when the Windows Storage VSP Driver improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p> <p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Storage VSP Driver properly handles file operations.</p> | |||||
| CVE-2020-16877 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-31 | 3.6 LOW | 7.1 HIGH |
| <p>An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and overwrite or delete files.</p> <p>The security update addresses the vulnerability by correcting how Windows handles reparse points.</p> | |||||
| CVE-2020-16876 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 4.6 MEDIUM | 7.1 HIGH |
| <p>An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p> <p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Application Compatibility Client Library properly handles registry operations.</p> | |||||
| CVE-2020-16863 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2023-12-31 | 7.8 HIGH | 7.5 HIGH |
| <p>A denial of service vulnerability exists in Windows Remote Desktop Service when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the Remote Desktop Service on the target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Service.</p> <p>The update addresses the vulnerability by correcting how Remote Desktop Service handles connection requests.</p> | |||||
| CVE-2020-0764 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p> <p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Storage Services properly handle file operations.</p> | |||||
| CVE-2020-17110 | 1 Microsoft | 1 Hevc Video Extensions | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2020-17109 | 1 Microsoft | 1 Hevc Video Extensions | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2020-17108 | 1 Microsoft | 1 Hevc Video Extensions | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2020-17107 | 1 Microsoft | 1 Hevc Video Extensions | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2020-17106 | 1 Microsoft | 1 Hevc Video Extensions | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2020-17105 | 1 Microsoft | 1 Av1 Video Extension | 2023-12-31 | 10.0 HIGH | 7.8 HIGH |
| AV1 Video Extension Remote Code Execution Vulnerability | |||||
| CVE-2020-17104 | 1 Microsoft | 1 Visual Studio Code | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Visual Studio Code JSHint Extension Remote Code Execution Vulnerability | |||||
| CVE-2020-17101 | 1 Microsoft | 1 Heif Image Extension | 2023-12-31 | 4.6 MEDIUM | 7.8 HIGH |
| HEIF Image Extensions Remote Code Execution Vulnerability | |||||
| CVE-2020-17091 | 1 Microsoft | 1 Teams | 2023-12-31 | 4.4 MEDIUM | 7.8 HIGH |
| Microsoft Teams Remote Code Execution Vulnerability | |||||
| CVE-2020-17088 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2020-17087 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Kernel Local Elevation of Privilege Vulnerability | |||||
| CVE-2020-17086 | 1 Microsoft | 1 Raw Image Extension | 2023-12-31 | 7.5 HIGH | 7.8 HIGH |
| Raw Image Extension Remote Code Execution Vulnerability | |||||
| CVE-2020-17084 | 1 Microsoft | 1 Exchange Server | 2023-12-31 | 9.0 HIGH | 8.5 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2020-17082 | 1 Microsoft | 1 Raw Image Extension | 2023-12-31 | 7.5 HIGH | 7.8 HIGH |
| Raw Image Extension Remote Code Execution Vulnerability | |||||
| CVE-2020-17079 | 1 Microsoft | 1 Raw Image Extension | 2023-12-31 | 7.5 HIGH | 7.8 HIGH |
| Raw Image Extension Remote Code Execution Vulnerability | |||||
| CVE-2020-17078 | 1 Microsoft | 1 Raw Image Extension | 2023-12-31 | 7.5 HIGH | 7.8 HIGH |
| Raw Image Extension Remote Code Execution Vulnerability | |||||
| CVE-2020-17077 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Update Stack Elevation of Privilege Vulnerability | |||||
| CVE-2020-17076 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Update Orchestrator Service Elevation of Privilege Vulnerability | |||||
| CVE-2020-17075 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 4.6 MEDIUM | 7.8 HIGH |
| Windows USO Core Worker Elevation of Privilege Vulnerability | |||||
| CVE-2020-17074 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Update Orchestrator Service Elevation of Privilege Vulnerability | |||||
| CVE-2020-17073 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-31 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Update Orchestrator Service Elevation of Privilege Vulnerability | |||||
| CVE-2020-17070 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows Update Medic Service Elevation of Privilege Vulnerability | |||||
| CVE-2020-17068 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 7.2 HIGH | 7.8 HIGH |
| Windows GDI+ Remote Code Execution Vulnerability | |||||
| CVE-2020-17067 | 1 Microsoft | 3 365 Apps, Excel, Office | 2023-12-31 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Security Feature Bypass Vulnerability | |||||
| CVE-2020-17066 | 1 Microsoft | 1 Excel | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17065 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17064 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2023-12-31 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17062 | 1 Microsoft | 2 365 Apps, Office | 2023-12-31 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | |||||
| CVE-2020-17061 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||
| CVE-2020-17058 | 1 Microsoft | 5 Edge, Internet Explorer, Windows 10 and 2 more | 2023-12-31 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Browser Memory Corruption Vulnerability | |||||
| CVE-2020-17057 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 7.2 HIGH | 7.0 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2020-17055 | 1 Microsoft | 7 Windows 10, Windows 8.1, Windows Rt 8.1 and 4 more | 2023-12-31 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Remote Access Elevation of Privilege Vulnerability | |||||
| CVE-2020-17053 | 1 Microsoft | 3 Internet Explorer, Windows 10, Windows Server 2019 | 2023-12-31 | 7.6 HIGH | 7.5 HIGH |
| Internet Explorer Memory Corruption Vulnerability | |||||
| CVE-2020-17052 | 1 Microsoft | 10 Edge, Internet Explorer, Windows 10 and 7 more | 2023-12-31 | 6.8 MEDIUM | 7.5 HIGH |
| Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2020-17047 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 7.8 HIGH | 7.5 HIGH |
| Windows Network File System Denial of Service Vulnerability | |||||
| CVE-2020-17044 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Remote Access Elevation of Privilege Vulnerability | |||||
| CVE-2020-17043 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Remote Access Elevation of Privilege Vulnerability | |||||
| CVE-2020-17042 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 9.3 HIGH | 8.8 HIGH |
| Windows Print Spooler Remote Code Execution Vulnerability | |||||