Skip to main content
CVE-2020-17043 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2020-17041 HIGH PATCH This Week

Windows Print Configuration Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-17038 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-17037 HIGH PATCH This Week

Windows WalletService Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-17035 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-17034 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-17033 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-17032 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-17031 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-17028 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-17027 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-17026 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-17025 HIGH PATCH This Week

Windows Remote Access Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-17024 HIGH PATCH This Week

Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-17019 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Office
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-17014 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-17012 HIGH PATCH This Week

Windows Bind Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-17011 HIGH PATCH This Week

Windows Port Class Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-17010 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Windows 10 Windows Server 2016
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2020-17001 HIGH PATCH This Week

Windows Print Spooler Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-16997 HIGH PATCH This Week

Remote Desktop Protocol Server Information Disclosure Vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.7
EPSS
3.7%
CVE-2020-17058 HIGH PATCH This Week

Microsoft Browser Memory Corruption Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption Edge Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
2.9%
CVE-2020-17053 HIGH PATCH This Week

Internet Explorer Memory Corruption Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Internet Explorer
NVD
CVSS 3.1
7.5
EPSS
2.9%
CVE-2020-17052 HIGH PATCH This Week

Scripting Engine Memory Corruption Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Internet Explorer Edge
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2020-17047 HIGH PATCH This Week

Windows Network File System Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.5
EPSS
25.3%
CVE-2020-16987 HIGH PATCH This Week

Azure Sphere Unsigned Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Azure Sphere
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2020-16984 HIGH PATCH This Week

Azure Sphere Unsigned Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Azure Sphere
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2020-16126 LOW POC Monitor

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Ubuntu Privilege Escalation Accountsservice
NVD GitHub
CVSS 3.1
3.3
EPSS
0.5%
CVE-2020-4685 HIGH PATCH This Week

A low level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 who has Administration rights to the server where the application is installed, can escalate their privilege from. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation IBM Cognos Controller
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2020-7329 HIGH This Week

Server-side request forgery vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers trigger server-side DNS requests to arbitrary domains via carefully. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Mvision Endpoint
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2020-7328 HIGH This Week

External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers to gain control of a resource or trigger arbitrary code execution via. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SSRF Mvision Endpoint
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2020-17057 HIGH PATCH This Week

Windows Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.0
EPSS
1.9%
CVE-2020-17007 HIGH PATCH This Week

Windows Error Reporting Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2020-16998 HIGH PATCH This Week

DirectX Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
7.0
EPSS
0.8%
CVE-2020-16988 MEDIUM PATCH This Month

Azure Sphere Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.9).

Microsoft Information Disclosure Azure Sphere
NVD
CVSS 3.1
6.9
EPSS
0.7%
CVE-2020-17063 MEDIUM PATCH This Month

Microsoft Office Online Spoofing Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure 365 Apps Office
NVD
CVSS 3.1
6.8
EPSS
1.5%
CVE-2020-8354 MEDIUM This Month

A potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Lenovo Notebook Firmware
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2020-17049 MEDIUM PATCH This Month

A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Windows Server 2012 Windows Server 2016 Windows Server 2019 Samba
NVD
CVSS 3.1
6.6
EPSS
13.8%
CVE-2020-17040 MEDIUM PATCH This Month

Windows Hyper-V Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows 8 1 Windows Server 2012 +2
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2020-17085 MEDIUM PATCH This Month

Microsoft Exchange Server Denial of Service Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Exchange Server
NVD
CVSS 3.1
6.2
EPSS
3.4%
CVE-2020-16990 MEDIUM PATCH This Month

Azure Sphere Information Disclosure Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Microsoft Information Disclosure Azure Sphere
NVD
CVSS 3.1
6.2
EPSS
1.4%
CVE-2020-26221 MEDIUM This Month

touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Touchbase Ai
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-26219 MEDIUM This Month

touchbase.ai before version 2.0 is vulnerable to Open Redirect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Redirect Touchbase Ai
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-26218 MEDIUM POC This Month

touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Touchbase Ai
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
1.9%
CVE-2020-16981 MEDIUM PATCH This Month

Azure Sphere Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.1).

Microsoft Information Disclosure Azure Sphere
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-16983 MEDIUM PATCH This Month

Azure Sphere Tampering Vulnerability. Rated medium severity (CVSS 5.7).

Microsoft Information Disclosure Azure Sphere
NVD
CVSS 3.1
5.7
EPSS
0.7%
CVE-2020-1599 MEDIUM PATCH This Month

Windows Spoofing Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
19.1%
CVE-2020-17113 MEDIUM PATCH This Month

Windows Camera Codec Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Microsoft Information Disclosure Windows 10
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2020-17102 MEDIUM PATCH This Month

WebP Image Extensions Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Webp Image Extension
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2020-17100 MEDIUM PATCH This Month

Visual Studio Tampering Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Visual Studio 2017 Visual Studio 2019
NVD
CVSS 3.1
5.5
EPSS
0.8%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy