Search
Total
6056 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16937 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2023-12-31 | 4.3 MEDIUM | 4.7 MEDIUM |
| <p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory.</p> <p>To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application.</p> <p>The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.</p> | |||||
| CVE-2020-16921 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| <p>An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and open a specially crafted file.</p> <p>The update addresses the vulnerability by correcting how Text Services Framework handles objects in memory.</p> | |||||
| CVE-2020-16905 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 4.6 MEDIUM | 6.8 MEDIUM |
| <p>An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.</p> <p>An attacker who successfully exploited the vulnerability could gain greater access to sensitive information and system functionality. To exploit the vulnerability, an attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting the way that WER handles and executes files.</p> | |||||
| CVE-2020-16948 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 4.0 MEDIUM | 6.5 MEDIUM |
| <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles objects in memory.</p> | |||||
| CVE-2020-16914 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| <p>An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how GDI+ handles memory addresses.</p> | |||||
| CVE-2020-16953 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 4.0 MEDIUM | 6.5 MEDIUM |
| <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles objects in memory.</p> | |||||
| CVE-2020-16919 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| <p>An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files.</p> <p>An attacker with unprivileged access to a vulnerable system could exploit this vulnerability.</p> <p>The security update addresses the vulnerability by ensuring the Windows Enterprise App Management Service properly handles file operations.</p> | |||||
| CVE-2020-16950 | 1 Microsoft | 1 Sharepoint Server | 2023-12-31 | 4.3 MEDIUM | 5.0 MEDIUM |
| <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles objects in memory.</p> | |||||
| CVE-2020-16943 | 1 Microsoft | 1 Dynamics 365 | 2023-12-31 | 3.3 LOW | 6.5 MEDIUM |
| <p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authorization.</p> <p>To exploit the vulnerability, an attacker would need to send a specially crafted request to an affected server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 Commerce performs authorization checks.</p> | |||||
| CVE-2020-17013 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Win32k Information Disclosure Vulnerability | |||||
| CVE-2020-17017 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 6.8 MEDIUM | 5.3 MEDIUM |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||
| CVE-2020-17036 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Function Discovery SSDP Provider Information Disclosure Vulnerability | |||||
| CVE-2020-17045 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows KernelStream Information Disclosure Vulnerability | |||||
| CVE-2020-17081 | 1 Microsoft | 1 Raw Image Extension | 2023-12-31 | 5.0 MEDIUM | 5.5 MEDIUM |
| Microsoft Raw Image Extension Information Disclosure Vulnerability | |||||
| CVE-2020-17085 | 1 Microsoft | 1 Exchange Server | 2023-12-31 | 4.0 MEDIUM | 6.2 MEDIUM |
| Microsoft Exchange Server Denial of Service Vulnerability | |||||
| CVE-2020-17090 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 7.5 HIGH | 5.3 MEDIUM |
| Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | |||||
| CVE-2020-17100 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Visual Studio Tampering Vulnerability | |||||
| CVE-2020-17069 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Windows NDIS Information Disclosure Vulnerability | |||||
| CVE-2020-17040 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Server 2012 and 2 more | 2023-12-31 | 7.5 HIGH | 6.5 MEDIUM |
| Windows Hyper-V Security Feature Bypass Vulnerability | |||||
| CVE-2020-1599 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Windows Spoofing Vulnerability | |||||
| CVE-2020-17060 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2023-12-31 | 5.8 MEDIUM | 5.4 MEDIUM |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2020-1325 | 1 Microsoft | 1 Azure Devops Server | 2023-12-31 | 5.5 MEDIUM | 5.4 MEDIUM |
| Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | |||||
| CVE-2020-17071 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Windows Delivery Optimization Information Disclosure Vulnerability | |||||
| CVE-2020-16982 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 6.1 MEDIUM |
| Azure Sphere Unsigned Code Execution Vulnerability | |||||
| CVE-2020-17056 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Windows Network File System Information Disclosure Vulnerability | |||||
| CVE-2020-17004 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2020-16999 | 1 Microsoft | 1 Windows 10 | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Windows WalletService Information Disclosure Vulnerability | |||||
| CVE-2020-17046 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Error Reporting Denial of Service Vulnerability | |||||
| CVE-2020-16979 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 4.0 MEDIUM | 5.3 MEDIUM |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||
| CVE-2020-17102 | 1 Microsoft | 1 Webp Image Extension | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| WebP Image Extensions Information Disclosure Vulnerability | |||||
| CVE-2020-16983 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 5.7 MEDIUM |
| Azure Sphere Tampering Vulnerability | |||||
| CVE-2020-17000 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||
| CVE-2020-16989 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 5.4 MEDIUM |
| Azure Sphere Elevation of Privilege Vulnerability | |||||
| CVE-2020-16988 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 6.9 MEDIUM |
| Azure Sphere Elevation of Privilege Vulnerability | |||||
| CVE-2020-16981 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 7.2 HIGH | 6.1 MEDIUM |
| Azure Sphere Elevation of Privilege Vulnerability | |||||
| CVE-2020-17063 | 1 Microsoft | 2 365 Apps, Office | 2023-12-31 | 5.8 MEDIUM | 6.8 MEDIUM |
| Microsoft Office Online Spoofing Vulnerability | |||||
| CVE-2020-17029 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-31 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Canonical Display Driver Information Disclosure Vulnerability | |||||
| CVE-2020-17030 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows MSCTF Server Information Disclosure Vulnerability | |||||
| CVE-2020-16986 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 2.1 LOW | 6.2 MEDIUM |
| Azure Sphere Denial of Service Vulnerability | |||||
| CVE-2020-17015 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 4.3 MEDIUM | 4.3 MEDIUM |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2020-17130 | 1 Microsoft | 2 365 Apps, Excel | 2023-12-31 | 6.0 MEDIUM | 6.5 MEDIUM |
| Microsoft Excel Security Feature Bypass Vulnerability | |||||
| CVE-2020-17126 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-12-31 | 2.1 LOW | 5.5 MEDIUM |
| Microsoft Excel Information Disclosure Vulnerability | |||||
| CVE-2020-16996 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2023-12-31 | 4.0 MEDIUM | 6.5 MEDIUM |
| Kerberos Security Feature Bypass Vulnerability | |||||
| CVE-2020-17120 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 4.0 MEDIUM | 5.3 MEDIUM |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||
| CVE-2020-17153 | 1 Microsoft | 1 Edge | 2023-12-31 | 5.8 MEDIUM | 4.3 MEDIUM |
| Microsoft Edge for Android Spoofing Vulnerability | |||||
| CVE-2020-17145 | 1 Microsoft | 2 Azure Devops Server, Team Foundation Server | 2023-12-31 | 4.9 MEDIUM | 5.4 MEDIUM |
| Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | |||||
| CVE-2020-17133 | 1 Microsoft | 1 Dynamics Nav | 2023-12-31 | 4.0 MEDIUM | 6.5 MEDIUM |
| Microsoft Dynamics Business Central/NAV Information Disclosure | |||||
| CVE-2020-17117 | 1 Microsoft | 1 Exchange Server | 2023-12-30 | 9.0 HIGH | 6.6 MEDIUM |
| Microsoft Exchange Remote Code Execution Vulnerability | |||||
| CVE-2020-17099 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-12-30 | 4.6 MEDIUM | 6.8 MEDIUM |
| Windows Lock Screen Security Feature Bypass Vulnerability | |||||
| CVE-2020-17098 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-30 | 2.1 LOW | 5.5 MEDIUM |
| Windows GDI+ Information Disclosure Vulnerability | |||||