Filtered by vendor Microsoft
Subscriptions
Total
20262 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-1589 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-10-01 | 4.4 Medium |
| <p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p> | ||||
| CVE-2020-16863 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Server 2008 R2 | 2024-10-01 | 7.5 High |
| <p>A denial of service vulnerability exists in Windows Remote Desktop Service when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the Remote Desktop Service on the target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Service.</p> <p>The update addresses the vulnerability by correcting how Remote Desktop Service handles connection requests.</p> | ||||
| CVE-2020-16894 | 1 Microsoft | 3 Windows 10, Windows 10 1607, Windows Server 2016 | 2024-10-01 | 7.7 High |
| <p>A denial of service vulnerability exists when Windows Network Address Translation (NAT) on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.</p> <p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.</p> <p>The update addresses the vulnerability by modifying how Windows NAT accesses the host.</p> | ||||
| CVE-2020-16968 | 1 Microsoft | 6 Windows 10, Windows 10 1507, Windows 10 1607 and 3 more | 2024-10-01 | 7.8 High |
| <p>A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of the Windows Camera Codec Pack. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.</p> <p>The security update addresses the vulnerability by correcting how the Windows Camera Codec Pack handles objects in memory.</p> | ||||
| CVE-2020-16983 | 1 Microsoft | 1 Azure Sphere | 2024-10-01 | 5.7 Medium |
| Azure Sphere Tampering Vulnerability | ||||
| CVE-2020-16994 | 1 Microsoft | 1 Azure Sphere | 2024-10-01 | 7.3 High |
| Azure Sphere Unsigned Code Execution Vulnerability | ||||
| CVE-2020-17054 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-10-01 | 4.2 Medium |
| Chakra Scripting Engine Memory Corruption Vulnerability | ||||
| CVE-2020-17078 | 1 Microsoft | 1 Raw Image Extension | 2024-10-01 | 7.8 High |
| Raw Image Extension Remote Code Execution Vulnerability | ||||
| CVE-2020-16996 | 1 Microsoft | 8 Windows Server 1903, Windows Server 1909, Windows Server 2004 and 5 more | 2024-10-01 | 6.5 Medium |
| Kerberos Security Feature Bypass Vulnerability | ||||
| CVE-2020-17159 | 1 Microsoft | 1 Visual Studio Code | 2024-10-01 | 7.8 High |
| Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | ||||
| CVE-2021-24080 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-10-01 | 6.5 Medium |
| Windows Trust Verification API Denial of Service Vulnerability | ||||
| CVE-2021-24107 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-10-01 | 5.5 Medium |
| Windows Event Tracing Information Disclosure Vulnerability | ||||
| CVE-2021-26869 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-10-01 | 5.5 Medium |
| Windows ActiveX Installer Service Information Disclosure Vulnerability | ||||
| CVE-2021-26893 | 1 Microsoft | 10 Windows Server 1909, Windows Server 2004, Windows Server 2008 and 7 more | 2024-10-01 | 9.8 Critical |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2021-27050 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-10-01 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-27084 | 1 Microsoft | 1 Visual Studio Code | 2024-10-01 | 7.8 High |
| Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | ||||
| CVE-2021-27061 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-10-01 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2021-27063 | 1 Microsoft | 10 Windows Server 1909, Windows Server 2004, Windows Server 2008 and 7 more | 2024-10-01 | 7.5 High |
| Windows DNS Server Denial of Service Vulnerability | ||||
| CVE-2021-28312 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 10 1909 and 6 more | 2024-10-01 | 3.3 Low |
| Windows NTFS Denial of Service Vulnerability | ||||
| CVE-2021-28333 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-10-01 | 8.8 High |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | ||||