Show filters
1,078 Total Results
Displaying 31-40 of 1,078
Sort by:
Attacker Value
Moderate

CVE-2020-0863

Disclosure Date: March 12, 2020 (last updated November 27, 2024)
An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka 'Connected User Experiences and Telemetry Service Information Disclosure Vulnerability'.
Attacker Value
Unknown

CVE-2020-17051

Disclosure Date: November 11, 2020 (last updated November 28, 2024)
Windows Network File System Remote Code Execution Vulnerability
1
Attacker Value
Unknown

CVE-2020-1472

Disclosure Date: August 17, 2020 (last updated February 21, 2025)
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers…
1
Attacker Value
Moderate

CVE-2020-0662

Disclosure Date: February 11, 2020 (last updated November 27, 2024)
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
Attacker Value
Low

CVE-2020-0753

Disclosure Date: February 11, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0754.
Attacker Value
Low

CVE-2020-0655

Disclosure Date: February 11, 2020 (last updated November 27, 2024)
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
Attacker Value
Low

CVE-2020-1015

Disclosure Date: April 15, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011.
Attacker Value
Low

CVE-2020-0791

Disclosure Date: March 12, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0898.
Attacker Value
Very Low

CVE-2020-1094

Disclosure Date: April 15, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'.
Attacker Value
Low

CVE-2020-0754

Disclosure Date: February 11, 2020 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0753.