Skip to main content
CVE-2020-17083 MEDIUM PATCH This Month

Microsoft Exchange Server Remote Code Execution Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS RCE Microsoft Exchange Server
NVD
CVSS 3.1
5.5
EPSS
12.0%
CVE-2020-17081 MEDIUM PATCH This Month

Microsoft Raw Image Extension Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Raw Image Extension
NVD
CVSS 3.1
5.5
EPSS
3.4%
CVE-2020-17071 MEDIUM PATCH This Month

Windows Delivery Optimization Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-17069 MEDIUM PATCH This Month

Windows NDIS Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-17056 MEDIUM PATCH This Month

Windows Network File System Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-17046 MEDIUM PATCH This Month

Windows Error Reporting Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2020-17045 MEDIUM PATCH This Month

Windows KernelStream Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2020-17036 MEDIUM PATCH This Month

Windows Function Discovery SSDP Provider Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2020-17030 MEDIUM PATCH This Month

Windows MSCTF Server Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2020-17029 MEDIUM PATCH This Month

Windows Canonical Display Driver Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Microsoft Canonical Windows 10 Windows 7 +6
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2020-17013 MEDIUM PATCH This Month

Win32k Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-17004 MEDIUM PATCH This Month

Windows Graphics Component Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-17000 MEDIUM PATCH This Month

Remote Desktop Protocol Client Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-16999 MEDIUM PATCH This Month

Windows WalletService Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-1325 MEDIUM PATCH This Month

Azure DevOps Server and Team Foundation Services Spoofing Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Azure Devops Server
NVD
CVSS 3.1
5.4
EPSS
1.5%
CVE-2020-17060 MEDIUM PATCH This Month

Microsoft SharePoint Server Spoofing Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Sharepoint Enterprise Server Sharepoint Server
NVD
CVSS 3.1
5.4
EPSS
1.7%
CVE-2020-17021 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2020-17018 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2020-17006 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics Crm 2015
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2020-17005 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2020-16993 MEDIUM PATCH This Month

Azure Sphere Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.4). This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Microsoft Azure Sphere
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2020-16989 MEDIUM PATCH This Month

Azure Sphere Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.4).

Microsoft Information Disclosure Azure Sphere
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-17090 MEDIUM PATCH This Month

Microsoft Defender for Endpoint Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Microsoft Authentication Bypass Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
5.3
EPSS
3.1%
CVE-2020-17017 MEDIUM PATCH This Month

Microsoft SharePoint Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Sharepoint Enterprise Server Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
5.3
EPSS
3.5%
CVE-2020-16979 MEDIUM PATCH This Month

Microsoft SharePoint Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Sharepoint Enterprise Server Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
5.3
EPSS
2.9%
CVE-2020-17015 MEDIUM PATCH This Month

Microsoft SharePoint Server Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Sharepoint Enterprise Server Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
4.3
EPSS
1.9%
CVE-2020-17054 MEDIUM PATCH This Month

Chakra Scripting Engine Memory Corruption Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Edge Chakracore
NVD
CVSS 3.1
4.2
EPSS
1.9%
CVE-2020-17048 MEDIUM PATCH This Month

Chakra Scripting Engine Memory Corruption Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Edge Chakracore
NVD
CVSS 3.1
4.2
EPSS
1.5%
CVE-2020-26220 LOW PATCH Monitor

toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Touchbase Ai
NVD GitHub
CVSS 3.1
3.5
EPSS
0.7%
CVE-2020-17020 LOW PATCH Monitor

Microsoft Word Security Feature Bypass Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass 365 Apps Office Word
NVD
CVSS 3.1
3.3
EPSS
1.2%
CVE-2020-8352 LOW Monitor

In some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Lenovo Information Disclosure Thinkcentre E73 Firmware Thinkcentre M73 Firmware Qitian 4500 Firmware +13
NVD
CVSS 3.1
2.4
EPSS
0.3%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy