Skip to main content
CVE-2020-1162 HIGH PATCH This Week

An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-0986 HIGH KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption Windows 10 1507 Windows 10 1607 +15
NVD
CVSS 3.1
7.8
EPSS
15.9%
CVE-2020-0916 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-0915 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-9858 HIGH This Week

A dynamic library loading issue was addressed with improved path searching. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Windows Migration Assistant
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-9855 HIGH This Week

A validation issue existed in the handling of symlinks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-9852 HIGH This Week

An integer overflow was addressed through improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Integer Overflow Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9841 HIGH This Week

An integer overflow was addressed through improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Integer Overflow Mac Os X
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9834 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9830 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +2
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-9825 HIGH This Week

An access issue was addressed with additional sandbox restrictions. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os Mac Os X
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-9822 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9821 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9817 HIGH This Week

A permissions issue existed. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2020-9816 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9815 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9814 HIGH This Week

A logic issue existed resulting in memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Watchos +4
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9813 HIGH This Week

A logic issue existed resulting in memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Watchos +4
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9795 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Apple RCE Use After Free +5
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9793 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2020-9791 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9788 HIGH This Week

A validation issue was addressed with improved input sanitization. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1260 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
7.2%
CVE-2020-1230 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
7.1%
CVE-2020-1219 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Buffer Overflow Microsoft RCE Memory Corruption Internet Explorer +2
NVD
CVSS 3.1
7.5
EPSS
19.1%
CVE-2020-1216 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
7.2%
CVE-2020-1215 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
8.0%
CVE-2020-1214 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
8.0%
CVE-2020-1213 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
7.2%
CVE-2020-1206 HIGH PATCH This Week

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.1
7.5
EPSS
9.5%
CVE-2020-11957 HIGH This Week

The Bluetooth Low Energy implementation in Cypress PSoC Creator BLE 4.2 component versions before 3.64 generates a random number (Pairing Random) with significantly less entropy than the specified. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Psoc 4 2 Ble
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-12000 HIGH This Week

The affected product is vulnerable to the handling of serialized data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Ignition Gateway
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-9844 HIGH This Week

A double free issue was addressed with improved memory management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2020-9837 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +2
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-9827 HIGH This Week

A denial of service issue was addressed with improved input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-9826 HIGH This Week

A denial of service issue was addressed with improved input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Ipados Iphone Os Mac Os X
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-9824 HIGH This Week

A logic issue was addressed with improved restrictions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-9823 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-9820 HIGH This Week

A logic issue was addressed with improved restrictions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2020-1244 HIGH PATCH This Week

A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.1
EPSS
3.0%
CVE-2020-1204 HIGH PATCH This Week

An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2020-9843 HIGH This Week

An input validation issue was addressed with improved input validation. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-9842 HIGH This Week

An entitlement parsing issue was addressed with improved parsing. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2020-9808 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Apple Ipados Iphone Os +3
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2020-9805 HIGH This Week

A logic issue was addressed with improved restrictions. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
7.1
EPSS
1.1%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy