Show filters
1,078 Total Results
Displaying 31-40 of 1,078
Sort by:
Attacker Value
Moderate
CVE-2020-0863
Disclosure Date: March 12, 2020 (last updated November 27, 2024)
An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka 'Connected User Experiences and Telemetry Service Information Disclosure Vulnerability'.
1
Attacker Value
Unknown
CVE-2020-17051
Disclosure Date: November 11, 2020 (last updated November 28, 2024)
Windows Network File System Remote Code Execution Vulnerability
1
Attacker Value
Unknown
CVE-2020-1472
Disclosure Date: August 17, 2020 (last updated February 21, 2025)
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.
Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.
For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).
When the second phase of Windows updates become available in Q1 2021, customers…
1
Attacker Value
Moderate
CVE-2020-0662
Disclosure Date: February 11, 2020 (last updated November 27, 2024)
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
0
Attacker Value
Low
CVE-2020-0753
Disclosure Date: February 11, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0754.
0
Attacker Value
Low
CVE-2020-0655
Disclosure Date: February 11, 2020 (last updated November 27, 2024)
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
0
Attacker Value
Low
CVE-2020-1015
Disclosure Date: April 15, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011.
0
Attacker Value
Low
CVE-2020-0791
Disclosure Date: March 12, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0898.
0
Attacker Value
Very Low
CVE-2020-1094
Disclosure Date: April 15, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'.
0
Attacker Value
Low
CVE-2020-0754
Disclosure Date: February 11, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0753.
0