CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2020-17103 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17103
09 Dec 2020 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17134, CVE-2020-17136 The Microsoft Windows Cloud Filter HsmOsBlockPlaceholderAccess function allows a user to create arbitrary registry keys in the .DEFAULT users hive leading to elevation of privilege. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17103 •
CVSS: 8.8EPSS: 2%CPEs: 18EXPL: 0CVE-2020-17131 – Chakra Scripting Engine Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2020-17131
09 Dec 2020 — Chakra Scripting Engine Memory Corruption Vulnerability Vulnerabilidad de corrupción de memoria en el motor de scripting de Chakra This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JIT compiler. By performing actions in JavaScript, an attacker can trigger a memory corruption co... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17131 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 1CVE-2020-17134 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17134
09 Dec 2020 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17103, CVE-2020-17136 The Microsoft Windows Cloud Filter access check does not take into account restrictions such as Mandatory Labels allowing a user to bypass security checks. • https://packetstorm.news/files/id/160426 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 1CVE-2020-17139 – Windows Overlay Filter Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-17139
09 Dec 2020 — Windows Overlay Filter Security Feature Bypass Vulnerability Vulnerabilidad de la función de seguridad del filtro de superposición de Windows The Microsoft Windows WOF filter driver does not correctly handle the reparse point setting which allows for an arbitrary file to be cached signed leading to a bypass of UMCI. • https://packetstorm.news/files/id/160428 •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 4CVE-2020-17136 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17136
09 Dec 2020 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17103, CVE-2020-17134 The Microsoft Windows Cloud Filter driver can be abused to create arbitrary files and directories leading to elevation of privilege. • https://packetstorm.news/files/id/160425 •
CVSS: 5.5EPSS: 46%CPEs: 21EXPL: 0CVE-2020-1599 – Windows Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2020-1599
11 Nov 2020 — Windows Spoofing Vulnerability Vulnerabilidad Windows Spoofing • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1599 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-17113 – Windows Camera Codec Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-17113
11 Nov 2020 — Windows Camera Codec Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de códec de cámara de Windows There is an out-of bounds read vulnerability in WindowsCodecsRaw.dll while processing a malformed Canon raw image. This can potentially lead to disclosing the memory of the affected process. All applications that use Windows Image Codecs for image parsing are potentially affected. The vulnerability has been confirmed on Windows 10 v2004 with the most recent patches applied. • http://packetstormsecurity.com/files/160054/Microsoft-Windows-WindowsCodecsRaw-CCanonRawImageRep-GetNamedWhiteBalances-Out-Of-Bounds-Read.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2020-17088 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17088
11 Nov 2020 — Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador del sistema de archivos de registro común de Windows • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17088 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-17076 – Windows Update Orchestrator Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17076
11 Nov 2020 — Windows Update Orchestrator Service Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Servicio de Windows Update Orchestrator Este ID de CVE es diferente de VE-2020-17073, CVE-2020-17074. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17076 •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-17077 – Windows Update Stack Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-17077
11 Nov 2020 — Windows Update Stack Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows Update Stack • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17077 •