Skip to main content
CVE-2020-0825 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Edge Chakracore
NVD
CVSS 3.1
7.5
EPSS
13.3%
CVE-2020-0824 HIGH PATCH This Week

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
7.0%
CVE-2020-0823 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Edge Chakracore
NVD
CVSS 3.1
7.5
EPSS
8.6%
CVE-2020-0815 HIGH PATCH This Week

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Azure Devops Server
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2020-0813 HIGH PATCH This Week

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Chakracore Edge
NVD
CVSS 3.1
7.5
EPSS
5.3%
CVE-2020-0812 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Chakracore +1
NVD
CVSS 3.1
7.5
EPSS
7.7%
CVE-2020-0811 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Chakracore +1
NVD
CVSS 3.1
7.5
EPSS
7.5%
CVE-2020-0768 HIGH PATCH This Week

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Chakracore +2
NVD
CVSS 3.1
7.5
EPSS
8.5%
CVE-2020-0758 HIGH PATCH This Week

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Team Foundation Server Azure Devops Server
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2020-0645 HIGH PATCH This Week

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.5
EPSS
3.8%
CVE-2020-9464 HIGH This Week

A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Bk9000 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-0556 HIGH PATCH This Week

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Privilege Escalation Bluez Ubuntu Linux Debian Linux +1
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2020-0854 HIGH PATCH This Week

An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2020-0789 HIGH PATCH This Week

A denial of service vulnerability exists when the Visual Studio Extension Installer Service improperly handles hard links, aka 'Visual Studio Extension Installer Service Denial of Service. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Denial Of Service Visual Studio 2019
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2020-0786 HIGH PATCH This Week

A denial of service vulnerability exists when the Windows Tile Object Service improperly handles hard links, aka 'Windows Tile Object Service Denial of Service Vulnerability'. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2020-0785 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.1
EPSS
0.7%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy