Skip to main content
CVE-2020-2807 HIGH This Week

Vulnerability in the Oracle Marketing Encyclopedia System product of Oracle E-Business Suite (component: Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing Encyclopedia System
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-2796 HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-2794 HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Email Address list and Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-2758 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Use After Free Memory Corruption Information Disclosure Vm Virtualbox +1
NVD
CVSS 3.1
8.2
EPSS
0.6%
CVE-2020-2742 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Integer Overflow Vm Virtualbox Leap
NVD
CVSS 3.1
8.2
EPSS
0.6%
CVE-2020-11661 HIGH This Week

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ca Api Developer Portal
NVD
CVSS 3.1
8.1
EPSS
1.9%
CVE-2020-2956 HIGH PATCH This Week

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Hierarchy Diagrammers). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Human Resources
NVD
CVSS 3.1
8.1
EPSS
2.0%
CVE-2020-2882 HIGH This Week

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Hierarchy Diagrammers). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Human Resources
NVD
CVSS 3.1
8.1
EPSS
46.5%
CVE-2020-2746 HIGH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hospitality Reporting And Analytics
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2020-1022 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Dynamics 365 Business Central Dynamics Nav
NVD
CVSS 3.1
8.0
EPSS
6.8%
CVE-2020-2735 HIGH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2020-3194 HIGH This Week

A vulnerability in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Microsoft RCE Webex Network Recording Player +3
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-10639 HIGH This Week

Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Hmisoft Vu3 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-0600 HIGH This Week

Improper buffer restrictions in firmware for some Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Nuc 8 Rugged Kit Nuc8Cchkr Firmware Nuc Board Nuc8Cchb Firmware Nuc 7 Essential Pc Nuc7Cjysal Firmware +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0598 HIGH This Week

Uncontrolled search path in the installer for the Intel(R) Binary Configuration Tool for Windows, all versions, may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Microsoft Binary Configuration Tool
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0557 HIGH This Week

Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi products before version 21.70 on Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Microsoft Proset Wireless Wifi
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0547 HIGH This Week

Incorrect default permissions in the installer for Intel(R) Data Migration Software versions 3.3 and earlier may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Data Migration
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8948 HIGH This Week

The Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP) before build 5043 allows an unprivileged user to overwrite arbitrary files in arbitrary folders using hard links. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Mobile Broadband Driver Package
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-1094 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1029 HIGH PATCH This Week

An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-1019 HIGH PATCH This Week

An elevation of privilege vulnerability exists in RMS Sharing App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft RMS Sharing App for Mac Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Rms Sharing
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1017 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1015 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2020-1014 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1011 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows System Assessment Tool improperly handles file operations, aka 'Windows Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-1009 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Microsoft Store Install Service handles file operations in protected locations, aka 'Windows Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-1008 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2020-1006 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1004 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1003 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1001 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1000 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows Server 2008 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-0999 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2020-0996 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-0995 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
17.3%
CVE-2020-0994 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2020-0992 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2020-0991 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Office Office 365 Proplus
NVD
CVSS 3.1
7.8
EPSS
11.5%
CVE-2020-0988 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2020-0985 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-0984 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Autoupdate
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-0983 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Delivery Optimization service improperly handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-0980 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Office Office 365 Proplus Office Online Server +4
NVD
CVSS 3.1
7.8
EPSS
11.5%
CVE-2020-0965 HIGH PATCH This Week

A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2020-0961 HIGH PATCH This Week

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Office Office 365 Proplus
NVD
CVSS 3.1
7.8
EPSS
11.5%
CVE-2020-0960 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2020-0959 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2020-0958 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-0957 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 7 Windows Server 2008
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-0956 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy