Show filters
1,256 Total Results
Displaying 11-20 of 1,256
Sort by:
Attacker Value
High
CVE-2020-1247
Disclosure Date: June 09, 2020 (last updated November 28, 2024)
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1251, CVE-2020-1253, CVE-2020-1310.
1
Attacker Value
Unknown
CVE-2020-1027
Disclosure Date: April 15, 2020 (last updated February 21, 2025)
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.
1
Attacker Value
Unknown
CVE-2020-1020
Disclosure Date: April 15, 2020 (last updated February 21, 2025)
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0938.
1
Attacker Value
Moderate
CVE-2020-1584 - Windows dnsrslvr.dll Elevation of Privilege Vulnerability
Disclosure Date: August 17, 2020 (last updated January 19, 2024)
An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses the vulnerability by ensuring the dnsrslvr.dll properly handles objects in memory.
1
Attacker Value
Very High
CVE-2020-0683
Disclosure Date: February 11, 2020 (last updated February 21, 2025)
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.
0
Attacker Value
Low
CVE-2020-1464
Disclosure Date: August 17, 2020 (last updated January 19, 2024)
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.
In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded.
The update addresses the vulnerability by correcting how Windows validates file signatures.
1
Attacker Value
Unknown
CVE-2020-16896
Disclosure Date: October 16, 2020 (last updated November 28, 2024)
<p>An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>
<p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.</p>
<p>The update addresses the vulnerability by correcting how RDP handles connection requests.</p>
1
Attacker Value
Unknown
CVE-2019-0797
Disclosure Date: April 09, 2019 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.
1
Attacker Value
Unknown
CVE-2019-0703
Disclosure Date: April 09, 2019 (last updated November 27, 2024)
An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821.
1
Attacker Value
Unknown
CVE-2019-1040
Disclosure Date: June 12, 2019 (last updated November 27, 2024)
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'.
1