Skip to main content
CVE-2020-8230 MEDIUM PATCH This Month

A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Nextcloud Microsoft Desktop
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-1591 MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.5%
CVE-2020-1580 MEDIUM PATCH This Month

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Sharepoint Enterprise Server Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2020-1501 MEDIUM PATCH This Month

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Microsoft Sharepoint Enterprise Server Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
5.4
EPSS
1.7%
CVE-2020-1500 MEDIUM PATCH This Month

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Microsoft Sharepoint Enterprise Server Sharepoint Server
NVD
CVSS 3.1
5.4
EPSS
1.8%
CVE-2020-1499 MEDIUM PATCH This Month

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Microsoft Sharepoint Enterprise Server Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
5.4
EPSS
1.8%
CVE-2020-1455 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Sql Server Management Studio
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2020-1483 MEDIUM PATCH This Month

A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption 365 Apps +2
NVD
CVSS 3.1
5.0
EPSS
8.9%
CVE-2020-3472 MEDIUM This Month

A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meetings Online
NVD
CVSS 3.1
5.0
EPSS
1.1%
CVE-2020-3464 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco UCS Director could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Ucs Director
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-1578 MEDIUM PATCH This Month

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. Rated medium severity (CVSS 4.7).

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
4.7
EPSS
0.9%
CVE-2020-9103 MEDIUM This Month

HUAWEI Mate 20 smartphones with 9.0.0.205(C00E205R2P1) have a logic error vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mate 20 Firmware
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-3449 MEDIUM This Month

A vulnerability in the Border Gateway Protocol (BGP) additional paths feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent authorized users from monitoring the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple Ios Xr
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2020-3413 MEDIUM This Month

A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to delete a scheduled meeting template that belongs to another user in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Webex Meetings Online
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-3412 MEDIUM This Month

A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to create a scheduled meeting template that would belong to another. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Webex Meetings Online
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-1567 MEDIUM PATCH This Month

A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required.

RCE Internet Explorer
NVD
CVSS 3.1
4.2
EPSS
3.7%
CVE-2020-1566 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
4.2
EPSS
1.7%
CVE-2020-3502 MEDIUM This Month

Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meetings Webex Meetings Server
NVD
CVSS 3.1
4.1
EPSS
1.0%
CVE-2020-3501 MEDIUM This Month

Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meetings Webex Meetings Server
NVD
CVSS 3.1
4.1
EPSS
1.0%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy